Simon

Reputation: 63

How can I authenticate a backend service against my AWS API Gateway?

I have a Lambda function running behind the AWS API Gateway that acts as the backend for my website. It uses a Cognito authorizer to authenticate the users of my website. This works fine.

Now I need to authenticate a C# backend service against the API that is not running in the cloud and has no user interaction. It should just synchronize data.

My initial plan was to configure Cognito credentials and log into the cloud via the Cognito SDK, but this is not possible as the app would then need developer access to my cloud.

I also thought about using the API Gateway API keys, but I would still need the Cognito authentication then.

So how can I authenticate my C# service against my AWS API without user interaction being necessary?

Upvotes: 1

Views: 171

Answers (1)

K Mo

Reputation: 2155

You could use Cognito User Pool Authentication.

This is an OpenID implementation where Cognito issues JSON Web Tokens (JWTs) where the signature of a JWT can be verified with a public endpoint.

In the context of API Gateway, you would use a Lambda as a custom authorizer, but the tokens could be verified in any environment/language with a relevant JWT library.

More reading: Verifying a JWT issued by Cognito

Upvotes: 0
