Allow to select which API key for API_KEY authentication

[Jackychans]

Hi everyone,

I'm building Saas app model where each client should have their own API_KEY specified expiry dateTime as additional authorization method (AWS Cognito User Pool is used by default authorization).

I can see we have one field API_Key but have no idea how appsync works out on selecting specifically which API_KEY corresponding for each clients.

Another scenario using API_Key as additional authorization is to allow my mobile apps accessing AppSync with different API_KEY than web apps. Each app should use different API Keys.

Any advise ? really appreciate

[bboure]

Hi @Jackychans There are several issues here I think

1. AppSync does support several API keys definitions, and that is definitely something we should support (Currently, we don't)
2. Currently, the plugin generates an API key with a one year expiry date by default. I understand you might want to set that yourself. This is also something we should support.
3. I imagine you might want to define yourself custom API keys for each microservice/app. This one is currently not possible (API key is generated randomly). See this issue for more details.

Will look into 1) and 2) when I can, unless you want to open a PR yourself??

[bboure]

@Jackychans Please check the new feature available in v1.5.0 See the Api key Management section in the README