Reputation: 175
How to pass Cognito token to Amazon API Gateway?
I'm developing web app based on Amazon API Gateway. Now I created Facebook login and successfully logged into website. but when I call another API, everything gone. I think I should pass Cognito token when call API everytime. am I right?
if yes, how to pass Cognito token to API? like header? or another way?
Thanks,
Upvotes: 12
Views: 10975
Answers (1)
Reputation: 993
You are using the "Basic Authflow" from cognito identity, which means you will need to get credentials for your users by calling STS's "AssumeRoleWithWebIdentity". Here is some documentation to help: http://docs.aws.amazon.com/cognito/devguide/identity/concepts/authentication-flow/
Once you have credentials, you can instantiate the API Gateway Client:
var client = apigClientFactory.newClient({
accessKey: ACCESS_KEY,
secretKey: SECRET_KEY,
sessionToken: SESSION_TOKEN });
The keys and tokens come from the result of the "AssumeRoleWithWebIdentity" call.
If you have configured your IAM roles, and Authorizations correctly you should be able to access your API.
Here is the documentation describing how to configure the roles & authorization: http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-method-settings.html#how-to-method-settings-callers-console
Also, here is how to enable CORS - http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-cors.html
Upvotes: 16
Related Questions
- API Gateway Cognito Authorizer not authorizing Access Token but will authorize Id Token: 401 Unauthorized
- Cognito login with tokens
- OAuth Cognito ID token unauthorized
- How can I authenticate my api gateway with cognito?
- How can I use Cognito to authenticate requests to my API without using AWS API Gateway
- How to use AWS Cognito to authenticate API Gateway
- How to generate access token for an AWS Cognito user?
- AWS Cognito Rest API to get the token
- Exchange token from AWS Cognito to AWS API Gateway
- How do I use a Cognito token with API?