For some reason, Cognito authorizer gets ignored when I test invoke the method (It works with Postman and any client requests though). I pass the idToken on the Header Authorization so I can use $context.authorizer.claims.sub as my uuid on request transformation, but to no avail.
Right now the test invoke ignores any pre-integration steps, including authorization and throttle/quota check by API Key. We'd like to support a full end-to-end test invoke in the future, but for now you'll have to rely on end-to-end testing via the deployed API.