Clarify how to authorise and use API

Question

Clarify how to authorise and use API

kaihendry opened this issue 8 years ago · 4 comments

Are you basically saying that your user needs to be in the pool to invoke it? Or can you show a curl that shows it successfully works once authorised?

Answer 1 · 2017-01-24T21:36:30.000Z

@kaihendry Sorry what do you mean?

I only created this repo as a demo for my patch to serverless

Answer 2 · 2017-01-25T01:35:48.000Z

I'm trying to understand the demo. I think the idea is to use this to protect an API by authorising usage by users in a pool. Is that correct?

https://github.com/johnf/serverless-cognito-demo/blob/master/serverless.yml

So once that's been done, I am puzzled to actually then use the API and authorise against it, using curl or a browser.

Answer 3 · 2017-06-23T18:42:21.000Z

Have you developed some example since then @kaihendry ? Im going through the same doubts 🤔

Answer 4 · 2017-06-25T00:21:21.000Z

Hi,

Apologies I didn't get to this the first time around. To authorise this you need to authenticate the user using the cognito SDK. Details are at

https://github.com/aws/amazon-cognito-identity-js