REST API Gateway - Add authentication using a Cognito authorizer
HTML-код
- Опубликовано: 5 авг 2024
- Today we are going to make our API Complete! In this video we will add authentication to our REST API Gateway, more specifically using Amazon Cognito. We want only authenticated and authorized users to be able to post to our API.
Timestamps:
- Intro: 0:00
- Create Cognito User Pool: 1:00
- Add Cognito as Authorizer 4:26
- Time for testing: 6:04
AWS documentation - Cognito user pool: docs.aws.amazon.com/cognito/l...
AWS documentation - Cognito App Client: docs.aws.amazon.com/cognito/l...
Subscribe button animation: touchtechnologyreview.com/sub...
Follow me on Github: github.com/endre-synnes
Thank you for the great tutorial. Please, create similar one for Rest API authorization using Cognito, but without UI using.
Thank you! 😄 Yes, I can do that. I guess you mean using AWS CDK, Terraform or some other IaC tools?
@@EndreSynnes Not exactly. I mean vanilla Rest API without UI and AWS SDK tools. Just CURL requests. Is it possible?
Sorry for the late response. I think I understand and the answer is yes, you can use CURL to authenticate a user. It's a long time since I have done that myself, but I think this example should work: stackoverflow.com/questions/58833462/aws-cognito-authentication-curl-call-generate-token-without-cli-no-clien
I have one qq related the redirect .. I have UI Application running on ECS and the Authentication is set in the Application using OAUTH2 .. I am accessing this application using route53 -> API Gateway -> NLB -> ALB -> ECS .. the first index page loads perfectly and then when I click login button with OAUTH2 ... authentication is successful and the OAUTH server is sending a redirect URL .. but after that second page is not loading ..its saying page cannot be found ... have you seen this issue before
we have VPC Integration with API gateway and Lambda Authorizer is also enabled with API Gateway
Hi, I'm sorry for the late response.
Thanks for the question and explanation of your setup. Still, it's kind of hard to know exactly where this can go wrong since there are a lot of services and config in play 🤔 Did you manage to figure out the issue?
I used the same, but in my case it is giving me the error of Authentication window was closed
Hi 😊
I'm sorry for the late response. I haven't been able to replicate this error message, but I can see that Cognito has made a lot of changes since I made this video and I also now had some issue with Implicit Flow grant type, where postman stops with I white page (github.com/postmanlabs/postman-app-support/issues/8319). I managed to make it work using the Authorization Code grant type. I don't know if that may be an alternative for your application? 😊 I'll try to look into why there seems to be an issue with implicit flow.
Can I pay you to show me how to implement this on client side with java?
Hi, I'm sorry for the late response.
Thank you for the request, but I currently don't do freelance work. I will gladly make videos on topics that you, my viewers suggest, and I will gladly try to answer any question related to my videos here on RUclips 😄