AWS ApiGateway Lambda Proxy access Authorizer

Published 2019-04-16 01:19

Question:

I'm using a Lambda Proxy and a Cognito User Pool Authorizer in my ApiGateway. In the Lambda function I can access the path etc. variables via the event object. In addition to that I want to access the claims of the authenticated user. The documentation says that I should use:

context.authorizer.claims.property

But authorizer is null so I get

Cannot read property 'claims' of undefined

Anyone with an idea?

Answer 1:

If you are referring to this part of the documentation, $context.authorizer.claims is part of the mapping template of the integration. It is not related to the context argument of the handler.

Using Lambda Proxy integration, you are using the passthrough mapping template. I̶t̶ ̶s̶e̶e̶m̶s̶ ̶w̶h̶a̶t̶ ̶i̶t̶ ̶d̶o̶e̶s̶ ̶n̶o̶t̶ ̶i̶n̶c̶l̶u̶d̶e̶ ̶w̶h̶a̶t̶ ̶y̶o̶u̶ ̶a̶r̶e̶ ̶l̶o̶o̶k̶i̶n̶g̶ ̶f̶o̶r̶ (see edit). You'll probably have to disable Lambda Proxy integration and use something like this in the mapping template:

{
    "identity" : {
        "sub" : "$context.authorizer.claims.sub",
        "email" : "$context.authorizer.claims.email"
    }
}

The mapping template "builds" the event parameter of the Lambda. So you will be able to access the parts of your claim via the event parameter.

exports.handler = (event, context, callback) => {
    // TODO implement
    callback(null, event.identity.email);
};

Note that I slightly modified the documentation example to avoid another confusion about what context can be:

  • the mapping template variable in API Gateway
  • the second argument of a handler in Lambda
  • a key of the event argument in some examples of the documentation <= I renamed it identity

Edit

As pointed out by doorstuck, the information is available using the proxy integration.



Answer 2:

The accepted answer will work but it is not needed. When using Lambda Proxy Integration you can access the authorizer claims at:

event.requestContext.authorizer.claims

You can try to console.log(event); and see the information you get out of a Lambda Proxy Integration in CloudWatch Logs.
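
The access path from this answer, as an added example that is not part of the original posts: a Node.js proxy-integration handler that reads `event.requestContext.authorizer.claims` and returns 401 instead of throwing when the authorizer block is absent (for instance on a method with no authorizer attached, or a direct test invocation). The helper names `getClaims` and `respond` and the sample event are constructed for illustration.

```javascript
// Added example: reading Cognito User Pool claims under Lambda Proxy integration.

// Returns the claims object API Gateway places on the proxy event, or null
// when any level of event.requestContext.authorizer.claims is missing.
function getClaims(event) {
  const rc = event && event.requestContext;
  const claims = rc && rc.authorizer && rc.authorizer.claims;
  return claims && typeof claims === 'object' ? claims : null;
}

// Builds the proxy-integration response. Without a usable "sub" claim the
// caller is treated as unauthenticated rather than letting the handler crash.
function respond(event) {
  const claims = getClaims(event);
  if (!claims || !claims.sub) {
    return { statusCode: 401, body: JSON.stringify({ message: 'Unauthorized' }) };
  }
  return {
    statusCode: 200,
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ sub: claims.sub, email: claims.email || null }),
  };
}

// Lambda entry point; only the event argument is needed for the claims.
const handler = async (event) => respond(event);
if (typeof module !== 'undefined') module.exports = { handler };

// Constructed sample event, trimmed to the fields used above.
const sampleEvent = {
  path: '/profile',
  httpMethod: 'GET',
  requestContext: {
    authorizer: {
      claims: {
        sub: '00000000-0000-0000-0000-000000000000',
        email: 'user@example.com',
      },
    },
  },
};
```
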