Service to service OAuth2.0 Client Credentials Flow using AWS Cognito and API Gateway


Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. APIs act as the "front door" for applications to access data, business logic, or functionality from your backend services. Using API Gateway, you can create RESTful APIs and WebSocket APIs that enable real-time two-way communication applications. API Gateway supports containerized and serverless workloads, as well as web applications.

API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, CORS support, authorization and access control, throttling, monitoring, and API version management. API Gateway has no minimum fees or startup costs. You pay for the API calls you receive and the amount of data transferred out and, with the API Gateway tiered pricing model, you can reduce your cost as your API usage scales.

Amazon Cognito allows app developers to create their own OAuth2.0 resource servers and define custom scopes in them. Custom scopes can then be associated with a client, and the client can request them in OAuth2.0 authorization code grant flow, implicit flow, and client credentials flow.
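
As an added example (not code from the video or from AWS), this Python code builds the client credentials request to a Cognito user pool domain's `/oauth2/token` endpoint and checks which custom scopes an access token carries. The domain, client ID, client secret and the `orders-api/...` scope names are constructed placeholders, and the sample token is unsigned so the code runs offline.

```python
import base64
import json
import urllib.parse
import urllib.request


def build_token_request(domain, client_id, client_secret, scopes):
    """Build (without sending) the client credentials POST to /oauth2/token."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    body = urllib.parse.urlencode(
        {"grant_type": "client_credentials", "scope": " ".join(scopes)}
    ).encode()
    return urllib.request.Request(
        f"https://{domain}/oauth2/token",
        data=body,
        method="POST",
        headers={
            "Authorization": f"Basic {basic}",
            "Content-Type": "application/x-www-form-urlencoded",
        },
    )


def unverified_claims(token):
    """Decode a JWT payload for inspection only; the signature is NOT checked."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def missing_scopes(claims, required):
    """Return the required custom scopes that the access token does not carry."""
    if claims.get("token_use") != "access":
        raise ValueError("not an access token")
    granted = set(claims.get("scope", "").split())
    return sorted(set(required) - granted)


def sample_token(claims):
    """Constructed, unsigned token so the example runs offline."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.constructed-signature"


# Placeholder values (assumptions): domain, client ID/secret and scope names.
DOMAIN = "example-pool.auth.us-east-1.amazoncognito.com"
REQUEST = build_token_request(DOMAIN, "example-client-id", "example-secret", ["orders-api/read"])
TOKEN = sample_token({"token_use": "access", "client_id": "example-client-id", "scope": "orders-api/read"})

if __name__ == "__main__":
    print(REQUEST.get_method(), REQUEST.full_url)
    print("missing:", missing_scopes(unverified_claims(TOKEN), ["orders-api/read", "orders-api/write"]))
```

Sending `REQUEST` with `urllib.request.urlopen` returns JSON whose `access_token` field can be passed to `unverified_claims`; the signature check itself stays with the service that validates the token.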

#AWSAPIGateway #APIGateway #AWSCognito #OAuth2
Comments

Super helpful, concise and real-world. Was difficult to get this distilled information from the documentation.

etarasov

You got a sub for this one. WHY CAN'T AWS WRITE DECENT DOCS?! It's so convoluted, unless you use CLI, like not everyone wants to be ALL AWS all the time, many are AD federated SSO etc, or we're devs who don't have access to reconfigure our SSO etc, so IDP is great, but they need to make it more straightforward or doc better. THANK YOU for this video.

zacharyohare

Hello Raavi, very good job, straightforward, simple demo, very organized on the content, good explanation.

ganeshbabu

I followed the same to set up the credentials in Cognito; I don’t have any API Gateway. But I am getting unauthorised while calling the API using the client secret and credential.

ankitapatidar

Hi, thanks for a nice explanation. I have followed the video and am facing one issue: I am getting 403 in Postman, and when testing from the authorizer it is 401.

dharmendrakumarsingh