Amazon API Gateway
Developer Guide

Controlling and Managing Access to a REST API in API Gateway

API Gateway supports multiple mechanisms for controlling and managing access to your API.

The following mechanisms can be used for authentication and authorization:

The following mechanisms can be used for performing other tasks related to access control:

The following mechanisms can be used for tracking and limiting the access that you have granted to authorized clients:

  • Usage plans let you provide API keys to your customers — and then track and limit usage of your API stages and methods for each API key. For more information, see Create and Use Usage Plans with API Keys.