cognito - pure api authentication

Question

Hello, I would like to use cognito as my user management solution, but my application won't have a front-end, just an api (using amazon api-gateway), is it possible to authenticate endpoints without manually grabbing key from amazon hosted login front ? my use case should work like that : I manually create user in cognito -> user logs in through basic authentication post method -> user receives api token that he can use for all api calls he is authorised for. Is such use case possible ?

Answer

You can [control access to a REST API using Amazon Cognito user pools as authorizer](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html) is one of the ways [controlling and managing access](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-to-api.html) in API Gateway.

Depending in your use-case, I recommend take a look to use [API keys for usage plans](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html), since you'll have a more control for usage.

Each method has its trade-offs and affinity with some use0cases, but the ths first link should give you the path straightforward for your question.

cognito - pure api authentication

相关内容