Tweet
Tweet

Slide 1

Slide 1 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Hey !!! - Pradheepa Pullanieswaran, @pradheepa - Staff Developer Advocate, Okta - AWS Community Builder - Excited about all things serverless and security - Running Identity and Security Meetup - https://www.linkedin.com/in/pradheepa

Slide 2

Slide 2 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. - API Definition - HTTP API - Supported Authorization Types - Auth0 JWT Authorizer Agenda

Slide 3

Slide 3 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Application Programming Interface (API) Client Request Response API Web Server DB

Slide 4

Slide 4 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Gmail API Base URL : https://gmail.googleapis.com

Slide 5

Slide 5 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon HTTP API Cost Efficiencies by 70% Reduced Latency by 70% Easier and Faster to implement

Slide 6

Slide 6 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. HTTP Vs REST API Authorization

Slide 7

Slide 7 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. What we are building today? AWS Request Response JWT Authorizer Authzn Server Client

Slide 8

Slide 8 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Client makes a request to the API AWS Request JWT Authorizer Authzn Server

Slide 9

Slide 9 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. API GW makes a request to the JWT Authorizer AWS

Slide 10

Slide 10 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. JWT Authorizer sends to JWKS of Authzn server AWS

Slide 11

Slide 11 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. JWT Authorizer validates token, pass to API GW AWS

Slide 12

Slide 12 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. API GW triggers Lambda AWS

Slide 13

Slide 13 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Lambda returns the response to API GW AWS

Slide 14

Slide 14 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. API GW returns the response client AWS Json Response

Slide 15

Slide 15 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. HTTP API Gateway

Slide 16

Slide 16 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Lambda Integration with HTTP API

Slide 17

Slide 17 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. JWT Authorization

Slide 18

Slide 18 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Demo

Slide 19

Slide 19 text

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Thank you! © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Please complete the session survey in the mobile app Pradheepa Pullanieswaran @pradheepa linkedin.com/in/pradheepa