
Content provided by Sébastien Stormacq and Amazon Web Services. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Sébastien Stormacq and Amazon Web Services or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

Navigating Machine-to-Machine Security

34:15
 
In this episode, Seb and Abrom Douglas dive deep into OAuth 2.0 and the challenges of machine-to-machine (M2M) authentication. They unpack the security trade-offs between API keys and the client credentials grant flow, explaining how Amazon Cognito can generate time-bound access tokens and use Lambda triggers for token customization. The conversation highlights token claims, secure verification methods, and how API Gateway integrates with Cognito for simplified authorization. Seb and Abrom also explore fine-grained access control using Amazon Verified Permissions and outline best practices like securing secrets with AWS Secrets Manager, rotating client credentials, and enabling AWS WAF. Finally, they look ahead to the role of AI agents in secure M2M communication, stressing the importance of user consent, identity propagation, and robust token management in future architectures.

With Abrom Douglas, Solution Architect, Amazon Cognito
