🔥 3-day streak
AWS Certified Developer - Associate45 / 150
Question 45 of 150
A developer builds a single-page application (SPA) that must let users sign in and then call a custom REST API secured behind Amazon API Gateway. The team uses an Amazon Cognito user pool with the hosted UI and defines a resource server with custom scopes (for example, orders/read and orders/write). The developer must ensure the SPA receives a token that carries the granted OAuth 2.0 scopes so that API Gateway can authorize access to specific API operations. Which token issued by Cognito should the application send to API Gateway for scope-based authorization?
Reviewed for accuracy · Report an issueNext question