By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to implement Basic Authentication in API gateway

0

I have an API proxy, I want to implement Basic Authentication mechanism for it.

curl -v https://example.com/dev/test
-H "Authorization: Basic {clientID:ClientSecret - Base64EncodedValue}"

I do not want to get an access token from Cognito and make another request to the API gateway.

Topics
ServerlessFront-End Web & MobileNetworking & Content Delivery
Tags
Amazon API Gateway
Language
English
Rohit
asked 2 months ago212 views
1 Answer
0

You can use API Gateway Lambda authorizers to validate the username and password. The Lambda would receive the request extract the Base64-encoded credentials, decode them, and then verifies the username and password against credentials from a database. The Lambda then generates a policy indicating what the user can and can't do e.g. GET /users. The policy is then cached so the Lambda authorizer isn't called on every request.

AWS
matthew_d
answered 2 months ago
profile picture
EXPERT
Mikel Del Tio
reviewed 2 months ago
  • Rohit
    2 months ago

    What is the use of "API key required" check box under the path API Gateway -> APIs -> Proxy -> Resources?

  • matthew_d
    a month ago

    API keys in API Gateway are used to manage access to APIs and monitor API usage. You can configure usage plans and API keys to allow customers to access selected APIs, and begin throttling requests to those APIs based on defined limits and quotas. These can be set at the API, or API method level.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content