More and more applications, both mobile and web, rely on managed services such as Amazon Cognito for user authentication and authorization. Cognito allows you to rapidly develop secure applications adhering to recognized security standards for authentication and authorization of end-users.

Leveraging a fully managed service allows developers to stop worrying about the authentication flow and the user pool management, leaving them free to focus on what matters: the business logic of their products.

However quite often we would like to federate with our application third-party service or another microservice.

While Cognito is mainly used for user authentication flows, it can also be used to create a machine to machine authentication system.

In this article, we’ll describe how Cognito can be used to authenticate a client system that needs access to a set of sensitive APIs exposed by a service.

However, before deep-diving into the description of the solution, it could be useful to describe the services involved.

#cognito #authorization #oauth2 #cognito-user-pools #authentication #machine-learning