Posted On: Aug 27, 2020
Amazon IoT Core now enables customers to use Custom Authorizers to validate IoT device credentials passed through MQTT Connect messages. In addition, customers using HTTP or WebSockets to connect to Amazon IoT Core can now customize which headers or query parameters they use to pass device credentials.
Custom Authentication allows customers to define their own Amazon Lambda-based workflows, called Authorizers, for authenticating devices and authorizing their operations on Amazon IoT Core. Customers can use Custom Authentication to extend Amazon IoT Core with external identity and access management services. For example, customers can use their own provisioning service to generate device credentials such as bearer tokens, like JSON Web Tokens, or MQTT username and passwords, and use these credentials to connect to Amazon IoT Core. Using Custom Authentication, customers can easily connect existing devices in the field to Amazon IoT Core without having to provision new credentials for them.