- Newest
- Most votes
- Most comments
There is a workshop that shows you how you can integrate Cognito User Pools with API Gateway - https://auth.serverlessworkshops.io/
Usually some front-end application like a Single Page App or a mobile app will use Cognito's Sign-up capabilities for creating users in the Cognito User Pool and then use Cognito's Sign-in capabilities to authenticate users using their username/passwords. Once the user is authenticated by the Cognito User Pool, a JWT token will be generated (can be identity token or access token) by the Cognito User Pool. The front-end application needs to pass either the identity token or the access token in the header of the API request made out to AWS API Gateway.
The documentation here talks about the Cognito provided UI as well as AWS Amplify/mobile SDKs for sign-up/sign-in using the Cognito User Pools - https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-integration.html
There is also documentation on APIs that can be used to achieve the same - https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/Welcome.html
This talks about using Cognito User Pools as an authorizer in API Gateway - https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html and https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-enable-cognito-user-pool.html
I would also recommend going through this blog to understand how Cognito User Pools and Cognito Identity Pools integrate with API Gateway - https://aws.amazon.com/blogs/compute/secure-api-access-with-amazon-cognito-federated-identities-amazon-cognito-user-pools-and-amazon-api-gateway/
Relevant content
- asked 2 years ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 years ago