By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

cognito client_credential flow using lambda triggers

0

Good morning I have the following scenario protecting the cognito client_credential flow with additional programmatic control using cognito lambda triggers. After a bit of testing and reading the documentation I saw that the lambda triggers are only valid for user-type flow access and not for the client_credential flow. There is a way to add on cognito or with an external AWS service (like WAF ACL) to limit a maximum of 24 tokens per day for a single clientId always flow client_credential. Thanks in advance

Topics
Security, Identity, & Compliance
Tags
AWS WAFAmazon CognitoAmazon Cognito User Pools
Language
English
tino
asked 16 days ago86 views
1 Answer
0

Currently, no lambda trigger would be fired during client_credential flow. So, you might build one own backend REST API to relay the client credential flow request and control the access there. one own backend REST API - could be implemented by APIGateway+lambda serverless or a EC2 or any other possible REST API framework you like.

profile pictureAWS
Yungang
answered 14 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content