Amazon API Gateway
Developer Guide

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

Controlling and Managing Access to a REST API in API Gateway

API Gateway supports multiple mechanisms for controlling and managing access to your API.

The following mechanisms can be used for authentication and authorization:

The following mechanisms can be used for performing other tasks related to access control:

The following mechanisms can be used for tracking and limiting the access that you have granted to authorized clients:

  • Usage plans let you provide API keys to your customers — and then track and limit usage of your API stages and methods for each API key. For more information, see Create and Use Usage Plans with API Keys.