This repository has been archived by the owner on Sep 30, 2019. It is now read-only.
Appsync emulator - setting defaultAction: DENY has no effect #110
Comments
|
@mattgibson -- thanks for flagging this. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I want to build an API which is not public and which requires a cognito user pool token for access. I have set
defaultAction: DENYinserverless.yml, but there is nothing blocking access when I make a request, provided the JWT I supply in the auth header is actually a JWT. It doesn't fail if the JWT has got nothing to do with the user pool I specified, whereas the actual deployed API refuses access.The text was updated successfully, but these errors were encountered: