AWS Security Blog

Tag: OAuth

How to add authentication to a single-page web application with Amazon Cognito OAuth2 implementation

In this post, I’ll be showing you how to configure Amazon Cognito as an OpenID provider (OP) with a single-page web application. This use case describes using Amazon Cognito to integrate with an existing authorization system following the OpenID Connect (OIDC) specification. OIDC is an identity layer on top of the OAuth 2.0 protocol to […]

Read More

Use AWS Lambda authorizers with a third-party identity provider to secure Amazon API Gateway REST APIs

Note: This post focuses on Amazon API Gateway REST APIs used with OAuth 2.0 and custom AWS Lambda authorizers. API Gateway also offers HTTP APIs, which provide native OAuth 2.0 features. For more information about which is right for your organization, see Choosing Between HTTP APIs and REST APIs. Amazon API Gateway is a fully […]

Read More

How to access secrets across AWS accounts by attaching resource-based policies

You can use AWS Secrets Manager to rotate, manage, and retrieve secrets such as database credentials and API keys throughout their lifecycle. And you can now use these secrets across AWS accounts by attaching resource-based policies to secrets. For example, you can manage secrets in one AWS account and grant employees or applications in other […]

Read More

How to rotate your Twitter API key and bearer token automatically with AWS Secrets Manager

October 24, 2019: Based on a customer’s feedback, we fixed some quotation marks and a missing comma in a policy statement. Previously, I showed you how to rotate Amazon RDS database credentials automatically with AWS Secrets Manager. In addition to database credentials, AWS Secrets Manager makes it easier to rotate, manage, and retrieve API keys, […]

Read More