Use JWT Authorizers with Amazon Cognito and API Gateway

preview_player
Показать описание
HTTP endpoints in API Gateway have the ability to secure resources by first validating a JWT token.

In this example, we'll use Amazon cognito's hosted UI to to create a JWT and configure an API Gateway to only provide a lambda response if it's valid.

cognito issuer endpoint:

grabbing the jwt from the url:
  1. Focus Otter
  2. jwt
  3. cognito
  4. api gateway
  5. serverless
Рекомендации по теме
Use JWT Authorizers 0:13:48

Use JWT Authorizers with Amazon Cognito and API Gateway

Tutorial: How to 0:13:10

Tutorial: How to add security to a REST API using JWT Authorizers and Amazon Cognito | JWT Token

Secure your API 0:24:31

Secure your API Gateway with Lambda Authorizer | Step by Step AWS Tutorial

API Gateway HTTP 0:11:13

API Gateway HTTP JWT Authoriser with OAuth2 (eg. Auth0) | Serverless Security

Amazon HTTP API 1:18:01

Amazon HTTP API gateway authorization full hands-on video | JWT | IAM | Lambda - AWS

Sessions With SAM 0:31:02

Sessions With SAM (S1E1): Simple HTTP API with JWT Authorizer

JWT Authorizer with 0:21:00

JWT Authorizer with Amazon Cognito | HTTP API - Amazon HTTP API p14

Secure API Gateway 0:12:57

Secure API Gateway with Lambda Authorizer | How to add Lambda Authorizer to API Gateway | Hands-On

How to validate 0:22:09

How to validate JWT access token via lambda authorizer - Amazon HTTP API tutorial p18

AWS Api-Gateway | 0:17:47

AWS Api-Gateway | Authorizers - AWS_IAM, Cognito(JWT), Custom(Lambda)

How to integrate 0:23:30

How to integrate Auth0 with AWS API Gateway JWT Authorizer?

Secure API Gateway 0:33:32

Secure API Gateway using Lambda Authorizer (NEW)

Create Cognito User 0:13:29

Create Cognito User Pool and Use Cognito Access Token for JWT Authorizer in HTTP API Gateway

How to integrate 0:19:32

How to integrate Okta with AWS API Gateway JWT Authorizer?

Secure your API 0:31:18

Secure your API Gateway with Amazon Cognito User Pools | Step by Step AWS Tutorial

API Gateway LAMBDA 0:42:54

API Gateway LAMBDA AUTHORIZER (Custom Authorizer) | REST APIs | .NET ON AWS | AWS Serverless

Learn in Very 0:13:40

Learn in Very easy way How to use AWS Cognito with API gateway and Lambda and secure your with JWT

How to integrate 0:34:39

How to integrate AzureAD B2C with AWS API Gateway JWT Authorizer?

Secure API Gateway 0:29:51

Secure API Gateway using Cognito Authorizer (NEW)

Secure API Gateway 0:10:30

Secure API Gateway HTTP APIs endpoints with JWT authorizer using Cognito

Keycloak: AWS API 0:11:45

Keycloak: AWS API Gateway JWT Authorizer

Secure API Gateway 0:18:45

Secure API Gateway with a Lambda authorizer - Implementing a custom authorizer

AWS re:Invent 2020: 0:28:44

AWS re:Invent 2020: Serverless API authentication for HTTP APIs on AWS

How To: Authorize 0:04:28

How To: Authorize AWS API With JWT & Cognito (4 Min) | API Gateway with JWT Authorizer, User Poo...

Комментарии
Автор

Him: "I hate when folks don't give you all the little details that you might need..."
Me: Subscribed

Munk-tttz
Автор

That was awesome. Some people would have turned that into an hour long video and not covered all the details either. Perfect and to the point in under 14 minutes.

robbieleegames
Автор

Thanks for this concise and helpful - so many incorrect videos out there that obviously do not understand OAuth and copying from the same incorrect source.
Warning - AWS has significantly changed various areas and you need to switch back to the Cognito v1 (on the left side menu) to make this work as expected... Yay AWS!

marshalsea
Автор

This was incredibly helpful! You did a great job explaining everything thoroughly. Great quality content, keep it up man! 🙏💪

Tecnologik
Автор

I immediately wanted to click subscribe just because of your vibe - but I waited til you said there would be flubs and I was like "ok this guy is cool" - and actually kind of inspiring to me, too :)

phillipsharring
Автор

Thanks 🙏. Please make another video where we can learn how to assign role and how to allow users with different roles to access different resources.

valirjonathan
Автор

Huge Thank you! Simple, thorough, and spot on!

hamidapremani
Автор

First time i feel i need to comment on a video - dude, you are amazing!

KATABU
Автор

Thanks for doing this! Really helpful and truly appreciated!

zhongdaochen
Автор

dayum, my man makes it look so ez lol, great video! keep up the great content!

normanluismadrid
Автор

Yeah Michael, way to get it together! Great job

CloudBart
Автор

Great video Michael, tracking you man.

khandoor
Автор

I just had to subscribe your chennel, because I was looking for some video like your for days and you save me! Thanks a lot!!!

heyralfs
Автор

really helpful, resolved some real issue for me :D

jigishpthakar
Автор

Nice video, good clear speaking voice, thanks!

justinphilpott
Автор

Thank you man. Good video and very updated!!

tacosdecamaron
Автор

Dude you earned my sub! Awesome tutorial :D

ricardosmith
Автор

this was great, thank you! however i have a question. i have this API connected to my lambda function as a trigger, and i have a slack app which in event subscription, takes in an endpoint (in this case it is my newly authorized endpoint configured in my lambda function). however, because the API is protected, slack won't be able to verify it or access it. how can i enable slack to access this? thank you again for the vdeo!

balawalchaudry
Автор

thank you! you made it very easy to follow.

pourmog
Автор

Nice tutorial and well explained. I thought AWS Cognitoruns on the backend, but I see it writes out the tokens in local storage on the client.

skverskk