APIs

The application didn't require any APIs so far, as we are managing most of the logic either from front-end or from service configurations.

We will write a bunch of APIs to extend the application and also include the use case of API Gateway and DynamoDB.

• Add Notes to Files

• Share Files with other users

Cognito User Authorization with API Gateway

In the current context, the APIs are only validating there is a valid Cognito user making the request, but not checking if the user has the authorization (scope) to actually invoke add-notes or share-files API. We will look at that during the OAuth 2 Sope integration.