Jwt Authorizer

This custom authorizer implementation verifies tokens in both Authorization and optional X-Scope-Token headers. As the authorizer doesn’t know the specification, the scope verification cannot be done in this Lambda function.

This Lambda function verifies the token signature and expiration only. Also, it enriches the context with necessary claims so that the scope-verifier module can verify the scopes within the Lambda function.