AWS Mobile Blog

Category: Best Practices

Implement AWS AppSync custom authorization with pipeline resolvers

AWS AppSync is a fully managed serverless GraphQL service for application data with integrated real-time data queries, synchronization, communications, and offline programming features. The AppSync endpoints provide built-in fine-grained API security based on four different modes, always requiring authorization before allowing access to clients: API Keys (API_KEY) Amazon Cognito User Pools (AMAZON_COGNITO_USER_POOLS) OpenID Connect (OPENID_CONNECT) […]

Read More

GraphQL API Security with AWS AppSync and Amplify

This article was written by Brice Pellé, Principal Specialist Solutions Architect, AWS AWS AppSync is a fully managed service which allows to deploy and interact with serverless scalable GraphQL backends on AWS. AppSync uses security best practices that AWS has developed operating large systems at scale in the cloud, with built-in DDoS protection in all […]

Read More