interface AuthenticateJwtOptions
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.ElasticLoadBalancingV2.AuthenticateJwtOptions |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awselasticloadbalancingv2#AuthenticateJwtOptions |
 Java | software.amazon.awscdk.services.elasticloadbalancingv2.AuthenticateJwtOptions |
 Python | aws_cdk.aws_elasticloadbalancingv2.AuthenticateJwtOptions |
 TypeScript (source) | aws-cdk-lib » aws_elasticloadbalancingv2 » AuthenticateJwtOptions |
Options for ListenerAction.authenticateJwt().
Example
declare const lb: elbv2.ApplicationLoadBalancer;
declare const certificate: elbv2.IListenerCertificate;
declare const myTargetGroup: elbv2.ApplicationTargetGroup;
// JWT authentication requires HTTPS
const listener = lb.addListener('Listener', {
protocol: elbv2.ApplicationProtocol.HTTPS,
port: 443,
certificates: [certificate],
defaultAction: elbv2.ListenerAction.authenticateJwt({
issuer: 'https://issuer.example.com',
jwksEndpoint: 'https://issuer.example.com/.well-known/jwks.json',
next: elbv2.ListenerAction.forward([myTargetGroup]),
}),
});
Properties
| Name | Type | Description |
|---|---|---|
| issuer | string | The issuer of the JWT token. |
| jwks | string | The JWKS (JSON Web Key Set) endpoint URL. |
| next | Listener | What action to execute next. |
issuer
Type:
string
The issuer of the JWT token.
This must be a full URL, including the HTTPS protocol, the domain, and the path. Example
'https://issuer.example.com'
jwksEndpoint
Type:
string
The JWKS (JSON Web Key Set) endpoint URL.
The endpoint must be publicly accessible and return the public keys used to verify JWT signatures. Example
'https://issuer.example.com/jwks'
next
Type:
Listener
What action to execute next.
Multiple actions form a linked chain; the chain must always terminate in a (weighted)forward, fixedResponse or redirect action.