
Configuring machine to machine Authentication with Amazon Cognito and Amazon API Gateway – Part 2

AWS Cloud Operations Blog



This article provides a step-by-step guide for implementing secure machine-to-machine (M2M) authentication using Amazon Cognito and Amazon API Gateway, with the client credentials grant.

Specifically, the article covers:

  • Setting up an Amazon Cognito user pool, creating a confidential client with the OAuth 2.0 client credentials grant for M2M authentication, and creating custom scopes for access control
  • Integrating Amazon Cognito with Amazon API Gateway to secure the API by creating an authorizer and adding authorization scopes to API methods
  • Testing the secured API using Postman by obtaining an access token from Amazon Cognito and making authorized requests to the API Gateway
  • How this solution differs from AWS App Mesh: App Mesh handles east-west traffic between services, whereas this solution is designed for north-south, externally originated traffic

