API Keys

Explore the concept of API keys in AWS API Gateway, their role in simple client identification and authorization, and how to create and manage keys effectively. Understand typical use cases for API keys in public APIs and best practices for securing them to prevent misuse and unexpected costs.

We'll cover the following...

What's an API key?
Create an API key
API gateway console
Typical usecase

What's an API key?

We’ve seen JWT and OAuth tokens used to authenticate and authorize APIs. They’re great for the security and robustness of the system. However, there are times when they seem too excessive for what we need. At times, a complex password is enough to take us through. Not because the hackers have stopped attacking us, but because the risk doesn’t justify the overheads of other forms of security.

An API key is a complex string we can use to identify a client making the API call. API Gateway expects this key in a request header, x-api-key. Based on this key, the API ...

1.Introduction to API Gateway

2.API Gateway: High Level View

Cloud Lab

3.API Gateway: Basic Configurations

4.Data Mapping Deep Dive

Cloud Lab

5.Websocket Deep Dive

6.AWS Service Integration Deep Dive

Cloud Lab

7.Appendix

Assessment

Mini Project

Cloud Lab

API Keys

What's an API key?