This example adds authentication to GraphQL endpoints provided by AWS AppSync. After setting up this example, AWS Cognito will make sure that only authenticated users can access the secured endpoints.
More info: https://coderecipe.ai/architectures/47858351
git clone https://github.com/CodeRecipe-dev/cognito-appsync.git
cd cognito-appsync
serverless deploy --stage beta
To test access to unauthenticated endpoint, run the following curl command with the deployed api key and appsync endpoint:
curl -XPOST -H "Content-Type:application/graphql" -H "x-api-key:<appsync-api-key>" -d '{ "query": "query { getMessage(id:1) { id,content,author } }" }' <appsync-graphql-endpoint>
To test access to secured endpoint, create a user in Cognito User Pools, then use the AppSync GUI to login as a user and test:
To remove the stack, run the following command:
serverless remove --stage beta