Amazon API Gateway customers can easily secure APIs using Amazon Verified Permissions
News
The article summarizes a new feature from Amazon that allows API Gateway customers to easily secure their APIs using Amazon Verified Permissions and an OIDC-compliant identity provider.
Specifically, the article covers:
- Overview of the feature: providing fine-grained access controls based on user attributes and group memberships without writing code
- How it works: a wizard to connect Verified Permissions with API Gateway and an identity provider, generating an authorization model and Cedar policies, and deploying a Lambda authorizer
- Getting started: using the Verified Permissions console to import using API Gateway and an identity provider
- Partnerships with identity providers like CyberArk, Okta, and Transmit Security for testing
- Availability in all regions where Verified Permissions is available
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Apr 24
2024
2024
Authorize API Gateway APIs using Amazon Verified Permissions with Amazon Cognito or bring your own identity provider
Nov 21
2025
2025
Enhancing API security with Amazon API Gateway TLS security policies
Nov 20
2025
2025
Amazon API Gateway now supports additional TLS security policies for REST APIs
Jun 17
2025
2025
Secure your Express application APIs in minutes with Amazon Verified Permissions
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.