Edit on GitHub

Page updated Nov 20, 2023

Public data access

The public authorization strategy grants everyone access to the API, which is protected behind the scenes with an API key. You can also override the authorization provider to use an unauthenticated IAM role from Cognito instead of an API key for public access.

Add public authorization rule using API key-based authentication

To grant everyone access, use the .public() authorization strategy. Behind the scenes, the API will be protected with an API key.

export const schema = a.schema({ Todo: a.model({ content: a.string() }).authorization([ a.allow.public() ]) })
1export const schema = a.schema({
2  Todo: a.model({
3    content: a.string()
4  }).authorization([
5    a.allow.public()
6  ])
7})

Add public authorization rule using IAM authentication

You can also override the authorization provider. In the example below, iam is specified as the provider which allows you to use an "Unauthenticated Role" from the Cognito identity pool for public access instead of an API key. Your Auth resources defined in amplify/auth/resource.ts generates scoped down IAM policies for the "Unauthenticated role" in the Cognito identity pool automatically.

export const schema = a.schema({ Todo: a.model({ content: a.string() }).authorization([ a.allow.public("iam") ]) })
1export const schema = a.schema({
2  Todo: a.model({
3    content: a.string()
4  }).authorization([
5    a.allow.public("iam")
6  ])
7})

Amplify open source software, documentation and community are supported by Amazon Web Services.

© 2023, Amazon Web Services, Inc. and its affiliates.

All rights reserved. View the site terms and privacy policy.

Flutter and the related logo are trademarks of Google LLC. We are not endorsed by or affiliated with Google LLC.