Integrate API Gateway with Cognito User Pool Authorizer

Create Cognito User Pool

Navigate to Cognito.

  1. Click the Manage User Pools button on the home page.
  2. Click the Create a user pool button.
  3. Provide a pool name of your choice, e.g., DevUserPool.
  4. Create with default settings.
  5. Create an App Client.
  6. Under the Review tab, click the Create pool button.

Once the user pool is created, create a resource server.

Resource server

Navigate to App Integration -> Resource servers.

Provide values for the resource server's Name, Identifier and Scopes.

Configure App Client Settings

Navigate to App Integration -> App client settings

  1. Enable the Cognito User Pool check box.
  2. Move to the OAuth 2.0 section.
  3. Under Allowed OAuth Flows, enable the Client credentials check box.
  4. Also enable the newly created scope under Allowed Custom Scopes.

Create Domain Name

Navigate to App integration -> Domain name

Enter a domain name and check its availability. On success, save the changes.

Integrate Cognito into API Gateway

Navigate to API Gateway service.

  1. Open your API in API Gateway.
  2. Click the Authorizers section.
  3. Click the Create New Authorizer button.
  4. A new authorizer panel will be created for you.
  5. Choose Cognito as the Type.
  6. Under Cognito User Pool, select the newly created user pool.
  7. Type Authorization in the Token source text box.
  8. Click Create.

By now, the new authorizer will have been created.

Attach authorizer to API resources

Move to the respective resource and method where you want to enable authorization.

Click Method Request in the left-side panel and, under Settings -> Authorization, select the newly created authorizer.

Repeat the above step for all resource methods in your API. Once done, deploy the API to get the changes reflected.
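
To check the setup end to end, the following added example (not code from the original page) requests a token from the user pool domain with the client credentials flow, confirms the custom scope was granted, and calls the API with the token in the Authorization header. The domain prefix, region, client ID and secret, scope name and API URL are constructed placeholders. It assumes the method's OAuth Scopes setting lists the custom scope, because the client credentials flow returns only an access token and the authorizer checks an access token against those scopes.

```python
import base64
import json
import urllib.parse
import urllib.request


def token_request(domain_prefix, region, client_id, client_secret, scope):
    """Build the client-credentials POST to the user pool domain's token endpoint."""
    url = f"https://{domain_prefix}.auth.{region}.amazoncognito.com/oauth2/token"
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    body = urllib.parse.urlencode(
        {"grant_type": "client_credentials", "scope": scope}).encode()
    return urllib.request.Request(url, data=body, method="POST", headers={
        "Authorization": f"Basic {basic}",
        "Content-Type": "application/x-www-form-urlencoded"})


def token_claims(access_token):
    """Decode the JWT payload for inspection only; the authorizer verifies the signature."""
    payload = access_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def has_scope(access_token, scope):
    """True if this is an access token whose scope claim contains the custom scope."""
    claims = token_claims(access_token)
    return claims.get("token_use") == "access" and scope in claims.get("scope", "").split()


def api_request(api_url, access_token):
    """Send the token in the header named as the authorizer's Token source."""
    return urllib.request.Request(api_url, headers={"Authorization": access_token})


def call_api(api_url, domain_prefix, region, client_id, client_secret, scope):
    """Fetch a token, confirm the scope was granted, then call the deployed API."""
    req = token_request(domain_prefix, region, client_id, client_secret, scope)
    with urllib.request.urlopen(req, timeout=10) as resp:
        token = json.load(resp)["access_token"]
    if not has_scope(token, scope):
        raise PermissionError(f"token was issued without scope {scope!r}")
    with urllib.request.urlopen(api_request(api_url, token), timeout=10) as resp:
        return resp.status, resp.read().decode()


if __name__ == "__main__":
    # Constructed placeholders; prints the request only, nothing is sent.
    req = token_request("example-dev-pool", "us-east-1",
                        "EXAMPLE_CLIENT_ID", "EXAMPLE_CLIENT_SECRET", "example-api/read")
    print(req.get_method(), req.full_url, req.data.decode())
```

The scope value takes the form resource-server-identifier/scope-name. A request with no token or an invalid token should be rejected by the authorizer before it reaches the backend.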

