Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Securing Amazon HTTP APIs with JWT authorizers
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Pradheepa P
November 06, 2023
29
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Securing Amazon HTTP APIs with JWT authorizers
Pradheepa P
November 06, 2023
More Decks by Pradheepa P
See All by Pradheepa P
Demystifying JWT
pradheepa
0
34
WebAuthn Explained
pradheepa
0
100
Securing Amazon API Gateway using Auth0
pradheepa
0
27
Fostering Inclusivity and Equality
pradheepa
0
45
Take Your Authentication Beyond Passwords
pradheepa
0
79
Building Modern GraphQL APIs
pradheepa
0
36
Featured
See All Featured
BBQ
matthewcrist
89
10k
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
rkaga
62
44k
The untapped power of vector embeddings
frankvandijk
2
1.8k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
The Art of Programming - Codeland 2020
erikaheidi
57
14k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
10
1.2k
What's in a price? How to price your products and services
michaelherold
247
13k
Typedesign – Prime Four
hannesfritz
42
3.1k
Abbi's Birthday
coloredviolet
3
8.2k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.8k
How to train your dragon (web standard)
notwaldorf
97
6.7k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.8k
Transcript
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Hey !!! - Pradheepa Pullanieswaran, @pradheepa - Staff Developer Advocate, Okta - AWS Community Builder - Excited about all things serverless and security - Running Identity and Security Meetup - https://www.linkedin.com/in/pradheepa
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. - API Definition - HTTP API - Supported Authorization Types - Auth0 JWT Authorizer Agenda
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. Application Programming Interface (API) Client Request Response API Web Server DB
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. Gmail API Base URL : https://gmail.googleapis.com
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. Amazon HTTP API Cost Efficiencies by 70% Reduced Latency by 70% Easier and Faster to implement
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. HTTP Vs REST API Authorization
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. What we are building today? AWS Request Response JWT Authorizer Authzn Server Client
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. Client makes a request to the API AWS Request JWT Authorizer Authzn Server
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. API GW makes a request to the JWT Authorizer AWS
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. JWT Authorizer sends to JWKS of Authzn server AWS
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. JWT Authorizer validates token, pass to API GW AWS
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. API GW triggers Lambda AWS
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. Lambda returns the response to API GW AWS
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. API GW returns the response client AWS Json Response
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. HTTP API Gateway
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. Lambda Integration with HTTP API
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. JWT Authorization
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. Demo
© 2023, Amazon Web Services, Inc. or its affiliates. All
rights reserved. Thank you! © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Please complete the session survey in the mobile app Pradheepa Pullanieswaran @pradheepa linkedin.com/in/pradheepa