AWS API Gateway Backend Protection
Use AWS API Gateway to control access to your backend. When API calls are made to your routes, API Gateway verifies the caller's identity and grants access only if the caller is authorized to access the route.
Step-by-step guide
Follow the steps below to protect your AWS resources using the AWS API Gateway authorizer:
Step 1: Create authorizer
- In your AWS Console, navigate to the API Gateway section and go to the Authorization tab.
- Click Create to create a new authorizer and attach it.
Step 2: Fill in the parameters
Provide the following parameters for the authorizer:
Parameter | Value |
---|---|
Name | A logical name for your authorizer to recognize it. |
Identity Source | Typically, this will be the Bearer authentication header. Set it to $request.header.Authorization . |
Issuer URL | In Frontegg, go to Workspace Settings ➜ General. Copy your workspace name and replace [your-workspace-name] in the following URL: https://[your-workspace-name].frontegg.com |
Audience | In Frontegg, go to Workspace Settings ➜ General. Copy your Client ID and use it for the Audience. |
After filling in these details, click Create and attach.
Your AWS API Gateway will now protect your routes based on the identity issued by your Frontegg workspace.