Cognito Authentication

I am trying to integrate AWS Cognito authentication in GraphQl schema.

I have added this line to the bottom of my graphql schema

# Dgraph.Authorization {"VerificationKey":"","Header":"Bearer", "jwkurl":"https://cognito-idp.<conito_region><cognito_user_pool_id>/.well-known/jwks.json", "Namespace":"default","Algo":"","Audience":["<cognito_api_name>", "<app_client_id"], "ClosedByDefault": true}

here is my curl request (I have obtained valid token):

curl --location --request POST 'localhost:8082/graphql' \
--header 'Authorization: Bearer <obtained_valid_token>' \
--header 'Content-Type: application/json' \
--data-raw '{"query":"query {\n  getCommercial (id: \"0x2718\")  {\n          id\n          name\n          \n  }\n}","variables":{}}'

and I got error response:

    "errors": [
            "message": "couldn't rewrite query getCommercial because a valid JWT is required but was not provided",
            "path": [

What I am doing wrong here, and how to better trace an errors, since I do not have any logs conserning authorisatin from the dgraph docker containers?

Does not jive with:

Use instead:

--header 'Bearer: <obtained_valid_token>'

You defined in your schema that the header “Bearer” would have your JWT token, but then you provided it in the “Authorization” header instead.

I think in the authorization line in GraphQL schema documentation talks about authorisation headers (X-Dgraph-AccessToken, X-Dgraph-AuthToken, Content-Type, Content-Length, Accept-Encoding, Cache-Control, X-CSRF-Token, X-Auth-Token, X-Requested-With,Bearer)
The header from the curl is the HTTP header.

--header 'Authorization: Bearer <obtained_valid_token>'

Besides that, I have tried, and it is not working.

From docs

The Dgraph.Authorization object uses the following syntax:

{"Header":"", "Namespace":"", "Algo":"", >"VerificationKey":"", "JWKURL":"", "Audience":[], >"ClosedByDefault": false}

This object contains the following values:

  • Header is the header that requests use to store the signed JWT.

So whatever the string you put in that value in the schema is the name of the header it looks for.