men6288
Reputation: 69
Authorization for API gateway external requests
Currently I have set up an API gateway that external systems will use. What are some good ways which you can handle authorization to the endpoints?
I know API gateway provides keys out of the box but that really doesn't help with the authorization.
Thanks!
Upvotes: 2
Views: 487
Answers (1)
Allan Chua
Reputation: 10175
I would recommend considering:
- Cognito Authorizer Lambdas (Link)
- JWT Authorizer Lambdas (Link)
- CORS introduction in API gateway level (Link)
Other forms of protection that might be helpful are:
- Level 7 Protection - AWS WAF (Link)
- Layer 3 & 4 Protection - AWS Advance Shield (Link)
- Rate Limiting Feature of API Gateway (Link)
Upvotes: 1
Related Questions
- API Gateway cross account access
- API Gateway configuration returns 403
- authorization for API gateway
- Access API Gateway from EC2
- AWS API Gateway to External REST API
- How to authenticate api gateway call to another api gateway
- OAuth for Amazon API GAteway
- How do you pass Authorization header through API Gateway to HTTP endpoint?
- AWS API Gateway security
- AWS API Gateway with external authentication