Testing Amazon Cognito backed APIs using Amazon CloudWatch Synthetics
AWS Cloud Operations Blog
This article provides a step-by-step guide for testing Amazon API Gateway APIs that are protected by Amazon Cognito User Pools using Amazon CloudWatch Synthetics.
Specifically, the article covers:
- Setting up an Amazon Cognito User Pool with a domain, resource server, and user pool client
- Configuring an Amazon API Gateway with a Cognito User Pool authorizer
- Storing Cognito client secrets in AWS Secrets Manager
- Creating an IAM role and policies for the CloudWatch Synthetics canary
- Creating a CloudWatch Synthetics canary that authenticates with Cognito to obtain a JWT token, and uses the token to make requests to the protected API Gateway endpoint
- Conclusion and clean-up steps
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Jul 2
2024
2024
Reduce code duplication in load testing and synthetic monitoring using Amazon CloudWatch Synthetics
May 10
2024
2024
Testing and debugging Amazon CloudWatch Synthetics canary locally
May 28
2025
2025
Amazon CloudWatch Synthetics Adds Java Runtime for Lightweight API Monitoring
Sep 2
2025
2025
Amazon CloudWatch Synthetics adds multi-browser support for application testing
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.