AuthProvider

Specify the optional authorization configuration for your AWS Lambda function authorizer. You can configure this optional property when Type is specified as AWS_LAMBDA.

Type: LambdaAuthorizerConfig

Required: No

CloudFormation compatibility: This property is passed directly to the LambdaAuthorizerConfig property of an AWS::AppSync::GraphQLApi AdditionalAuthenticationProvider object.

Specify the optional authorization configuration for your OpenID Connect compliant service. You can configure this optional property when Type is specified as OPENID_CONNECT.

Type: OpenIDConnectConfig

Required: No

CloudFormation compatibility: This property is passed directly to the OpenIDConnectConfig property of an AWS::AppSync::GraphQLApi AdditionalAuthenticationProvider object.

The default authorization type between applications and your AWS AppSync GraphQL API.

For a list and description of allowed values, see Authorization and authentication in the AWS AppSync Developer Guide.

When you specify a Lambda authorizer (AWS_LAMBDA), AWS SAM creates an AWS Identity and Access Management (IAM) policy to provision permissions between your GraphQL API and Lambda function.

Type: String

Required: Yes

CloudFormation compatibility: This property is passed directly to the AuthenticationType property of an AWS::AppSync::GraphQLApi AdditionalAuthenticationProvider object.

Specify the optional authorization configuration for using Amazon Cognito user pools. You can configure this optional property when Type is specified as AMAZON_COGNITO_USER_POOLS.

Type: UserPoolConfig

Required: No

CloudFormation compatibility: This property is passed directly to the UserPoolConfig property of an AWS::AppSync::GraphQLApi AdditionalAuthenticationProvider object.