Hi All!
I was wondering, is there an easy way of using AWS Cognito user pool JWT tokens as client verification instead of API tokens?
I develop a mobile application, and user management is through AWS Cognito, for CMS I am using Strapi. I do not want to store any information about the users in Strapi, and for accessing content, until this point I have used API keys.
A security concern arose, and I was asked whether the static Strapi provided API key could be switched to the jwt token that the user receives after logging in via Cognito.
Only the Content API should be affected, the admin portal should remain intact.
Thank you in advance, for helping solve this issue!