- Deploy the Lambda from market place
- Edit the lambda environment variables with your audience, issuer, and openidconnect endpoint
- Create an Authorizer for your API Gateway that reference your Lamdba
- Precise which header to forward to the Lamdba as authorization token. Warning, this should be the full token, no "bearer ' prefix.
- Test the authorizer by passing a valid / and invalid bearer token. A valid token should return "Effect": "Allow" while an invalid token "Effect": "Deny"
- Apply the authorizer to the endpoints that require a valid token