Authenticate AWS Gateway request against Cognito user pool using the acces token instead of the id token?

Question

Hi!

I'm building a new API using AWS Gateway, and I need to authenticate the requests agains my already working Cognito user pool using the acess token instead of the id token, but I did not manage to do it even changing the scopes of the methods in the gateway.

I read that is not very secure to send back to the frontend the id token instead of the access token to do the requests. So we are using the access token to do the request to my already existing API (That is not built with AWS Gateway).

How can I make the AWS Gateway work with the access token instead of the id token when the frontend send a request to this new API I need?

Thank you guys!

Accepted Answer

Hi,

Please refer the link below on how to configure an API Gateway to work with cognito access tokens: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-enable-cognito-user-pool.html

Also, there is a related article on the knowledge centre which may also be helpful.

https://repost.aws/knowledge-center/cognito-custom-scopes-api-gateway

Thanks,
Rama

Authenticate AWS Gateway request against Cognito user pool using the acces token instead of the id token?

相关内容