In this session, we crack open the IDE to secure a multi-tenant SaaS platform built on a ReactJS web app and NodeJS serverless microservices. We use Amazon API Gateway and Amazon Cognito to simplify the operation and security of the service's API and identity functionality. We enforce tenant isolation and data partitioning with OAuth's JWT tokens. We'll then abstract the security complexity from developers to keep operational burden to a minimum, maximising developer productivity, and maintaining a great developer experience.
Gerardo Estaba, Senior Partner Solutions Architect, Amazon Web Services