AWS API Gateway Endpoint with Multiple Authorisers.

  1. JWT and Amazon Cognito User Pools authorisers
    It seamlessly validates Amazon Cognito user pool tokens, or any standards-compliant OpenID Connect (OIDC) and OAuth 2.0 tokens, by checking the issuer, client ID, timestamp, signature, and authorisation scopes if specified. You don’t need to write any custom code.
  2. AWS Lambda custom authorisers
    It lets you write custom business logic according to your specifications, do external lookups, generate per-user fine-grained AWS IAM policies and cache the resulting user’s policy.
  3. IAM-based authorisation
    It validates a unique canonical request signature that the API client generates and sends with each request. This signature contains the time of the request, the resource requested and the action.
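A sketch of the Lambda custom authoriser from item 2, added here as an illustration and not taken from the original article. It assumes a REST API authoriser of type TOKEN; the token table, user names and route grants are constructed stand-ins for the external lookup.

```python
# Added example: Lambda authoriser for an API Gateway REST API (TOKEN type).
# TOKENS is constructed sample data standing in for an external lookup:
# opaque token -> (user id, allowed (verb, path) pairs).
TOKENS = {
    "tok-alice": ("alice", [("GET", "/orders/*"), ("POST", "/orders")]),
    "tok-bob": ("bob", [("GET", "/orders/*")]),
}


def api_arn_prefix(method_arn):
    """Return 'arn:aws:execute-api:region:account:apiId/stage' from a method ARN."""
    arn, stage = method_arn.split("/")[:2]
    return f"{arn}/{stage}"


def build_policy(principal_id, method_arn, grants):
    """Build the per-user IAM policy that the authoriser returns.

    The policy lists every route the user may call, not only the one in this
    request: API Gateway caches the policy per token and reuses it for later
    requests to other methods behind the same authoriser.
    """
    prefix = api_arn_prefix(method_arn)
    resources = [f"{prefix}/{verb}{path}" for verb, path in grants]
    return {
        "principalId": principal_id,
        "policyDocument": {
            "Version": "2012-10-17",
            "Statement": [{
                "Action": "execute-api:Invoke",
                "Effect": "Allow",
                "Resource": resources,
            }],
        },
        # Forwarded to the backend integration as authoriser context
        "context": {"user": principal_id},
    }


def handler(event, context):
    token = event.get("authorizationToken", "")
    if token.startswith("Bearer "):
        token = token[len("Bearer "):]
    if token not in TOKENS:
        # API Gateway maps this exact message to a 401 response
        raise Exception("Unauthorized")
    user, grants = TOKENS[token]
    return build_policy(user, event["methodArn"], grants)
```

Returning only `event["methodArn"]` as the resource is a common mistake when caching is enabled: the cached policy then denies the same user's next call to a different route.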


AWS APN Ambassador | Solutions Architect | AWS Certified Pro | GCP Certified Pro | Azure Certified Expert | AWS Certified Security & Machine Learning Specialty

Nanthan Rasiah
