Chapter 5. Authentication and authorization
This chapter covers
- Authentication and authorization in serverless architecture
- Auth0 as a central service for authentication
- JSON Web Tokens and delegation tokens
- AWS API Gateway and custom authorizers
One of the first questions we’re asked is usually about authentication and authorization in a serverless environment. Without a server, how does one authenticate users and secure access to resources? To help answer these questions, we introduce an AWS service called Cognito and another (non-AWS) service called Auth0. We also introduce the AWS API Gateway and show how to use it to create an API. We show you how to secure this API using custom authorizers and connect it to Lambda functions. Lastly, we show how to extend 24-Hour Video to provide sign-in, sign-out, and user-profile facilities by combining features of Auth0, API Gateway, and Lambda.
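To make the last two items concrete before the chapter walks through them, here is an added example (not code from the book or from the 24-Hour Video project) of an API Gateway custom authorizer, written as a Python Lambda handler. It assumes the REST API TOKEN-authorizer event shape (`authorizationToken` and `methodArn`) and a constructed HS256 shared secret named `DEMO_SECRET`; real deployments would read that secret from the environment or a secret store, and Auth0-issued tokens would typically be verified against the tenant's RS256 public key instead. The handler checks the token's algorithm, signature and expiry before returning the IAM policy document that API Gateway expects.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo secret for this example only. In a real deployment the
# secret comes from an environment variable or a secret store, never source code.
DEMO_SECRET = b"constructed-demo-secret-not-for-production"


def _b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment; JWT segments omit '=' padding."""
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)


def _b64url_encode(data: bytes) -> str:
    """Encode bytes as unpadded base64url, as used in compact JWTs."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def mint_hs256_token(claims: dict, secret: bytes) -> str:
    """Create a compact HS256 JWT. Used here only to build sample input."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(
        _b64url_encode(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, claims)
    )
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url_encode(sig)}"


def verify_hs256_token(token: str, secret: bytes, now: Optional[float] = None) -> dict:
    """Verify algorithm, signature and expiry; return claims or raise ValueError."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(_b64url_decode(header_b64))
    # Pin the algorithm: the verifier decides how to check, never the token's 'alg'.
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(
        secret, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256
    ).digest()
    # Constant-time comparison so timing does not reveal how many bytes matched.
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    if "exp" not in claims or claims["exp"] <= now:
        raise ValueError("token expired or missing exp")
    return claims


def build_policy(principal_id: str, effect: str, method_arn: str) -> dict:
    """Build the IAM policy document an API Gateway custom authorizer returns."""
    return {
        "principalId": principal_id,
        "policyDocument": {
            "Version": "2012-10-17",
            "Statement": [
                {"Action": "execute-api:Invoke", "Effect": effect, "Resource": method_arn}
            ],
        },
    }


def lambda_handler(event: dict, context=None, now: Optional[float] = None) -> dict:
    """TOKEN-type authorizer: expects 'Bearer <jwt>' in event['authorizationToken']."""
    scheme, _, token = event.get("authorizationToken", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        # Raising 'Unauthorized' makes API Gateway respond 401 instead of caching a Deny.
        raise Exception("Unauthorized")
    try:
        claims = verify_hs256_token(token, DEMO_SECRET, now=now)
    except ValueError:
        return build_policy("anonymous", "Deny", event["methodArn"])
    return build_policy(claims["sub"], "Allow", event["methodArn"])
```

The `now` parameter exists only so the expiry check can be exercised deterministically; the handler signature API Gateway actually invokes is `lambda_handler(event, context)`. Because API Gateway caches the returned policy per token, the `Resource` in the policy should be scoped to what the caller may actually invoke rather than a wildcard.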