
AWS Cognito and Web Applications – Protecting and Accessing APIs (JavaScript and .NET Core)

A typical web application consists of a frontend (HTML, JavaScript, CSS), a backend (e.g. a REST API) and a database for persistence. Token-based authentication is a very common way to pass authentication and authorization information back and forth in web applications. In this post, we are going to see how to allow web applications running in the user's browser to securely communicate with backend APIs with the help of an AWS Cognito user pool. We will cover integrating an AWS Cognito User Pool with a .NET Core Web API, testing API access using the Postman REST client, and integrating a web frontend (HTML, JavaScript, CSS) to make authenticated calls to the .NET Core backend API. The solution involves validating JWTs issued by AWS Cognito, and the flow includes steps such as user authentication, obtaining tokens, and making authenticated requests to the API Gateway and .NET Core API.
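
The JWT validation mentioned above comes down to a fixed set of checks on every request. The following Node.js code is an added example, not code from the original post: it verifies the RS256 signature and then the `iss`, `token_use`, `client_id` and `exp` claims of a Cognito access token. The region, pool id, app client id, `kid` and key pair are constructed placeholders, and the function names are hypothetical; a real API takes the public key from the user pool's JWKS endpoint.

```javascript
// Added example: checks an API should make before trusting a Cognito access token.
const crypto = require('node:crypto');

// Constructed placeholders: region, user pool id and app client id.
const ISSUER = 'https://cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE';
const CLIENT_ID = 'example-app-client-id';

// Constructed key pair standing in for the pool's signing key. A real API loads the
// public key from `${ISSUER}/.well-known/jwks.json`, selected by the token's `kid`.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));
const fail = (reason) => ({ ok: false, reason });

// Helper for this example only: mints an RS256 token from constructed claims.
function signToken(claims, key = privateKey) {
  const input = `${b64url({ alg: 'RS256', kid: 'constructed-kid' })}.${b64url(claims)}`;
  return `${input}.${crypto.sign('RSA-SHA256', Buffer.from(input), key).toString('base64url')}`;
}

function validateAccessToken(token, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return fail('malformed');
  let header, claims;
  try {
    header = decode(parts[0]);
    claims = decode(parts[1]);
  } catch {
    return fail('malformed');
  }
  if (!header || !claims) return fail('malformed');
  // Pin the algorithm; never let the token's header choose it.
  if (header.alg !== 'RS256') return fail('bad alg');
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  const sig = Buffer.from(parts[2], 'base64url');
  if (!crypto.verify('RSA-SHA256', signed, publicKey, sig)) return fail('bad signature');
  // Claims are only meaningful after the signature has verified.
  if (claims.iss !== ISSUER) return fail('wrong issuer');
  if (claims.token_use !== 'access') return fail('wrong token_use');
  if (claims.client_id !== CLIENT_ID) return fail('wrong client');
  if (typeof claims.exp !== 'number' || claims.exp <= now) return fail('expired');
  return { ok: true, claims };
}
```

Rejecting an ID token (`token_use` of `id`) at the API matters because ID tokens carry an `aud` claim instead of `client_id` and are meant for the frontend, not for authorizing API calls.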