Chapter 5. Authentication and authorization

This chapter covers

  • Authentication and authorization in serverless architecture
  • Auth0 as a central service for authentication
  • JSON Web Tokens and delegation tokens
  • AWS API Gateway and custom authorizers

One of the first questions we’re asked is usually about authentication and authorization in a serverless environment. Without a server, how does one authenticate users and secure access to resources? To help answer these questions, we introduce an AWS service called Cognito and another (non-AWS) service called Auth0. We also introduce the AWS API Gateway and show how to use it to create an API. We show you how to secure this API using custom authorizers and connect it to Lambda functions. Lastly, ...

Get Serverless Architectures on AWS now with the O’Reilly learning platform.