Graphql-playground: Use Graphql-playground with aws appsync Amazon Cognito User Pool
How can i use aws appsync graphql url with Amazon Cognito User Pool authorization in graphql playground
Deepaknathtiwari
All 11 comments
Add this to HTTP headers in the playground.
{
"x-api-key": "apikey",
"authorization": "userToken"
}
You can find the x-api-key in your appsync console, and the userToken you can find when inspecting the network request graphql is doing when you are logged in.
jarandmi
on 13 May 2019
Hi jarandmi
thanks for reply but i am using cognito user poll for authentication instead of apikey. How can i use Graphql playground with cognito user poll
Deepaknathtiwari
on 13 May 2019
The x-api-key is for AppSync, not cognito. Goto AppSync in your AWS console, and under settings you find your API ID.
jarandmi
on 13 May 2019
@jarandmi and do you know how can it be used without app sync but still with cognito and api gateway methods auth'd with AWS_IAM? Not sure if cognito matters here because what I'd like to do is use my accessKeyId and secretAccessKey to do the authentication somehow.
Getting a signed request to get the correct headers didn't work out for me.
Btw, with insomnia I was able to make calls because they explicitly have a auth method for AWS IAM v4.
joaovpmamede
on 18 May 2019
Api gateway is the same as Appsync (plus some more stuff).
{
"x-api-key": "apikey",
"authorization": "userToken"
}
apiKey
- Go to https://eu-west-1.console.aws.amazon.com/appsync/
- Find your project
- Click on Settings
- Copy the API ID, and us it as the
apiKey
authorization
Get your user token (log into your app, and look at the header request. There you will find the authorization token. Use this as the authorization key.
jarandmi
on 22 May 2019
Not really using api keys at the moment and not event sure if I can when using AWS_IAM auth but will try.
Thanks
joaovpmamede
on 22 May 2019
Hi jarandmi
But api key use to expire in 7 days so i have to change it again and again. I would like to use cognito user pool instead of api key
Deepaknathtiwari
on 29 May 2019
to add to @jarandmi:
one can just go to AppSync console Queries, where it is possible to login with cognito user pool credentials (next to play button). Then any query executed there will have authorization header in inspected request in Network in Chrome devtools.
ambientlight
on 19 Sep 2019
Seems you want to use either the authorization header for AMAZON_COGNITO_USER_POOLS auth type, or x-api-key for the API_KEY auth type, but not both at the same time. Set the authorization header to your jwtToken, or x-api-key to the appsync api key.
sevees
on 14 Nov 2019
Seems you want to use either the authorization header for AMAZON_COGNITO_USER_POOLS auth type, or x-api-key for the API_KEY auth type, but not both at the same time. Set the authorization header to your jwtToken, or x-api-key to the appsync api key.
This is exactly the problem I had. If the default authentication is Cognito, x-api-key will be ignored, and the header mentioned above works. But if there are additional authentication modes with Cognito default, this header doesn't work. I believe the correct way is as @sevees said, only use this header
{
"authorization": "userToken"
}
yuntaoL
on 1 Jun 2020
I noticed the same behavior. You can't use both headers at once.
Dzhuneyt
on 29 Oct 2020
Related issues
lastmjs
路
19Comments
grahamb
路
20Comments
gajus
路
20Comments
barbosa
路
12Comments
jazzzz
路
38Comments
Most helpful comment
This is exactly the problem I had. If the default authentication is Cognito, x-api-key will be ignored, and the header mentioned above works. But if there are additional authentication modes with Cognito default, this header doesn't work. I believe the correct way is as @sevees said, only use this header
{
"authorization": "userToken"
}