is it possible to drop a websocket Connection from within an Inbound policy ?
Scenario is the following:
- WS Client is opening websocket through apigw
- WS Client is sending authorization Information (token) through its first message through websocket
- Inbound policy needs to check provided Information against IDP and might drop the Connection if check Fails.
How to achieve this scenario,
If we are not able to drop the connection, than we would need to remember that this connection is authenticated, because the tolken is not part of any further Messages sent through this WS channel.
Thanks for thoughts and help.