I got a client API in aws appsync. Currently it has AMAZON_COGNITO_USER_POOLS Authorization, but I would like to allow unauthenticated users to access to some resources inside the GraphQL API. I am looking for some alternatives that does not include changing the way the API authorize access, AMAZON_COGNITO_USER_POOLS Authorization (Changing the authorization type is going to be my last option).
I am looking forward to authorizing cognito unauthenticated identities using AMAZON_COGNITO_USER_POOLS Authorization. Also if you considered that keep this type of authorization and trying to accomplish my use case is going to be the worst idea in the world, I would love to read your arguments.
AWS AppSync does not support this use case yet. However, I'm happy to bring up your use case with the team and take it as a feature request :)
If you're interested, there is a good thread on AWS Forums that talks about this use case.