During AWS re:Invent this year AWS announced a new way to make HTTP APIs with API Gateway v2. It now includes things like native support for JSON Web Tokens (JWTs) and a vastly simplified number of AWS resources to get an API up and running. You can read about all the updates here in my post on the Serverless Blog.
Amazon Cognito can be a useful service when you want to add authentication and authorization to an existing application on AWS. But I’ve also noticed a few quirks that I couldn’t find answers to anywhere in the documentation. So here’s my attempt to spare some folks idle hours search for answers.