AWS HTTP API with Cognito JWT Token Authentication
Below you can find the minimal instructions to use the code in this repository. More information about this setup can be found in my blog post: Using Amazon Cognito JWT tokens to authenticate with an Amazon HTTP API.
Deploy the CloudFormation stack with the following AWS CLI command:
aws cloudformation create-stack --stack-name "cognito-apigateway" --template-body file://stack.yaml
Once the stack is succesfully created, find the outputs either in the AWS Console or using the following command:
aws cloudformation describe-stacks --stack-name "cognito-apigateway" --query 'Stacks.Outputs'
Set these values to the correct variables in the commands.sh file.
Now execute this file:
- Execute a non-authenticated request to the API: this will return a 401 Unauthorized
- Create and confirm a test user. The e-mail address doesn't have to exist
- Request a JWT token using the username's e-mail and password
- Execute an authenticated request to the API using the JWT token: this returns a 200 OK
Simply delete the CloudFormation stack to get rid of all the created resources:
aws cloudformation delete-stack --stack-name "cognito-apigateway"