By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Authenticate AWS Gateway request against Cognito user pool using the acces token instead of the id token?

0

Hi!

I'm building a new API using AWS Gateway, and I need to authenticate the requests agains my already working Cognito user pool using the acess token instead of the id token, but I did not manage to do it even changing the scopes of the methods in the gateway.

I read that is not very secure to send back to the frontend the id token instead of the access token to do the requests. So we are using the access token to do the request to my already existing API (That is not built with AWS Gateway).

How can I make the AWS Gateway work with the access token instead of the id token when the frontend send a request to this new API I need?

Thank you guys!

Topics
ServerlessFront-End Web & MobileNetworking & Content DeliverySecurity, Identity, & ComplianceAWS Well-Architected Framework
Tags
Amazon API GatewayAmazon CognitoSecuritySupport API
Language
English
cao95
asked 4 months ago172 views
1 Answer
0
Accepted Answer

Hi,

Please refer the link below on how to configure an API Gateway to work with cognito access tokens: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-enable-cognito-user-pool.html

Also, there is a related article on the knowledge centre which may also be helpful.

https://repost.aws/knowledge-center/cognito-custom-scopes-api-gateway

Thanks, Rama

profile pictureAWS
Rama
answered 4 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content