AWS recently announced that Amazon API Gateway requests can now be authorized with Amazon Verified Permissions. With this feature, HTTP requests containing tokens issued by Amazon Cognito can be used

InfoQ is a leading online platform for software developers, architects, and technical leaders, providing news, articles, presentations, and interviews on a wide range of topics, including agile practices, DevOps, microservices, and emerging technologies. With a focus on quality content and expert insights, InfoQ helps professionals stay informed about the latest trends, best practices, and industry developments. Developers can learn from real-world experiences, gain  knowledge, and connect with peers in the global software community through InfoQ's diverse and engaging content.

InfoQ

AWS has announced that Amazon API Gateway requests can now be authorized with Amazon Verified Permissions. This runtime authorization engine allows fine-grained authorization models to be built and evaluated in real-time. By leveraging AWS Cognito tokens and the Lambda Authorizer, users can enhance access control. Alternative approaches for access control include OpenFGA and Permit.io's Policy Decision Point.

API Access with Verified Permissions and Cognito