Secure the AWS API Gateway with Cognito User Pools & Cognito Authorizer

Рет қаралды 16,725

Жыл бұрын

By default your API Gateway endpoints are not secured so anyone with the link can access it. In a real world scenario you would want to secure them so your users first need to authenticate and provide a token so they can be authorized.
One of the services you could use for managing your users and the sign-up/sign-in flows is Amazon Cognito. In this video I am going to show you how to set up this whole flow, creating a User Pool, signing up and signing in users, then getting the id_token and provide this to the API Gateway, in the Authorization header.
Also we're going to setup the Cognito Authorizer in API Gateway which will handle this authorization flow.
If you liked this video please click on the like button! There's a new video on Majestic.cloud once a week so if you want to stay updated and don't want to miss any new videos then please subscribe to the channel!
Visit the site: majestic.cloud
Follow me on Twitter:
/ lacisoft (László)
/ cloud_majestic (Majestic.cloud)
Follow on Facebook: / majesticcloudcomputing

Пікірлер: 19

@glenwang1746 2 ай бұрын

Thank you so much. Your content helped me

@benoitgael2969 Жыл бұрын

Superbe explication, merci !

@Majesticcloud Жыл бұрын

I am glad you like it!

@JozsefPetenyi 7 ай бұрын

Thanks for this video. Saved me a ton of time

@Majesticcloud 7 ай бұрын

Glad it helped

@luiscarlosjayk 8 ай бұрын

Question: What's the access token for? Can you use that instead of the id token?

@KarimFayed-oy5oo 2 ай бұрын

Great Video! Thanks a lot, but how can I have the data used in registration ex email be used and saved in the backend which is also a lambda

@davidgomez6823 11 ай бұрын

Hello, how can I use this without the hosted UI at all?

@myz540 9 ай бұрын

Very helpful. The cognito documentation is very bad at showing how to actually get a token.

@ArgKilljoy 11 ай бұрын

Hi! I have one question, though. Requests to the API work fine from Postman once I've added the Cognito authorizer. But I'm now getting a CORS error when calling the api from my localhost. Do you have any suggestions? Thank you

@Majesticcloud 11 ай бұрын

Postman is not a browser so it doesn't enforce CORS policy. However in other places such as a browser you might have CORS enforcement. So you need to enable CORS headers (Access-Control-Allow-Origin) in API Gateway so they are returned with every response.

@bishop339 Ай бұрын

Good.

@mantrax314 2 ай бұрын

Thanks!

@Majesticcloud 2 ай бұрын

You're welcome and thank you too!

@vaibhavsrivastava4645 Ай бұрын

Good

@iamchiragarora Жыл бұрын

What if a Lambda Function is returning HTML Code. How to authenticate that? In simple words, if the Authentication Header is not present or is not valid, how to redirect to the Cognito UI?

@MrThejoseph007 6 ай бұрын

hey, have you figured out the approach to achieve this with cookies?