By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

API Gateway's REST API authentication using App ID, App Secret

0

I have gone through the PetStore example in API Gateway multiple rounds, it's able to perform simple GET/POST to public API. But how can i onboard and achieve the API authentication in AWS where i could easily do it in Postman (as below)? Enter image description here

  • How to maintain AppID, Secret which generated from 3rd party platform
  • Based on the guides, the API is secured in method level using IAM, how to relate them in API Gateway where each external API calls is supported by active token Enter image description here

Thanks for the pointers

Regards, newbie weilies :D

Topics
ServerlessComputeFront-End Web & MobileNetworking & Content Delivery
Tags
AWS LambdaAmazon API Gateway
Language
English
weilies
asked 7 months ago293 views
1 Answer
0

Since you are using a third party identity provider (Idp) as authenticator, you can use Lambda Authorizer for access control of your API.

https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html

A Lambda authorizer is useful if you want to implement a custom authorization scheme that uses a bearer token authentication strategy such as OAuth or SAML, or that uses request parameters to determine the caller's identity.
profile picture
HS
answered 7 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content