https://tofl.github.io/docs/6-api-layer-authentication-api-gateway-cognito/Recent content in API Layer & Authentication on 🏠Hugoen-ushttps://tofl.github.io/docs/6-api-layer-authentication-api-gateway-cognito/api-gateway/Mon, 01 Jan 0001 00:00:00 +0000https://tofl.github.io/docs/6-api-layer-authentication-api-gateway-cognito/api-gateway/<h1 id="api-gateway">API Gateway<a class="anchor" href="#api-gateway">#</a></h1> <p>Amazon API Gateway <a href="https://docs.aws.amazon.com/apigateway/latest/developerguide/welcome.html">🔗</a> is a fully managed service for creating, publishing, and securing APIs at any scale. The core problem it solves: your backend logic (a Lambda function, an EC2 service, or any HTTP endpoint) isn&rsquo;t directly accessible to clients in a controlled, secure, or scalable way. API Gateway sits in front of those backends and handles routing, authentication, throttling, and protocol management — so you don&rsquo;t have to build any of that yourself.</p>https://tofl.github.io/docs/6-api-layer-authentication-api-gateway-cognito/cognito/Mon, 01 Jan 0001 00:00:00 +0000https://tofl.github.io/docs/6-api-layer-authentication-api-gateway-cognito/cognito/<h1 id="cognito">Cognito<a class="anchor" href="#cognito">#</a></h1> <p>Managing user authentication from scratch is a significant engineering effort: you need to handle password hashing, account recovery, MFA, token issuance, session management, and more. Amazon Cognito <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/what-is-amazon-cognito.html">🔗</a> solves this by providing a fully managed identity service that handles user sign-up, sign-in, and access control so you can focus on your application logic instead of reinventing auth infrastructure.</p> <p>Cognito has two distinct building blocks that are often used together but serve fundamentally different purposes: <strong>User Pools</strong> and <strong>Identity Pools</strong>.</p>