Project
Mobile App Development
Project Description
A leading Indian bank required a robust, auditable API security layer to govern which users and systems could access specific APIs. We designed and implemented a financial-grade security architecture using OAuth 2.0, AWS Cognito, JWT, and PEM-encoded asymmetric key pairs for token signing and verification, ensuring that every API call was authenticated, scoped, and logged. All of this was delivered without any code changes to the existing APIs.
ZERO TRUST
No access without explicit authorisation
Every API endpoint was protected by scoped access tokens: no user or system could reach resources beyond its defined permission set, and no call was trusted because of where it came from, only because of the token it presented.
IDENTITY MANAGEMENT
AWS Cognito managing every identity
AWS Cognito handled user pools, identity federation, and token issuance — giving the bank a centralised, auditable identity layer across all API consumers.
FINE GRAINED CONTROL
Role-based access down to the endpoint level
Access policies were defined per individual API: each role was issued a different set of scopes, so sensitive financial endpoints were reachable only by authorised personnel.
COMPLIANCE
Audit-ready logging for every transaction
Every API call was logged with a timestamp, the caller's identity, and the response status code, giving the bank a complete audit trail for regulatory compliance and incident investigation.
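The four controls above fit in one enforcement point that sits in front of the existing APIs. The Go program below is an added example, not code from the project described on this page: it verifies a Cognito-style RS256 access token against a PEM-encoded public key, pins the algorithm so the token can never pick its own, checks issuer, token_use and expiry, maps each route to the scope it requires (denying any route without a policy), and emits an audit record for every call, rejected ones included. The issuer URL, the routes, the scope names and the subject are constructed placeholders; mintToken stands in for Cognito so the example runs offline, and the public key is fed in as PEM to match the page, whereas a live deployment would fetch the user pool's published keys.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/json"
	"encoding/pem"
	"errors"
	"strings"
	"time"
)

// Placeholder issuer in Cognito's user-pool URL format; the real pool is not on the page.
const issuer = "https://cognito-idp.ap-south-1.amazonaws.com/ap-south-1_EXAMPLE"

// Claims the gateway enforces on; Cognito access tokens carry a space-separated "scope" claim.
type Claims struct {
	Iss      string `json:"iss"`
	Sub      string `json:"sub"`
	TokenUse string `json:"token_use"` // "access" for access tokens; ID tokens are rejected
	Scope    string `json:"scope"`
	Exp      int64  `json:"exp"`
}

// AuditRecord is the per-call log line: when, what, who, outcome.
type AuditRecord struct {
	Time, Route, Subject, Reason string
	Status                       int
}

// policy maps "METHOD /path" to its required scope (constructed routes, not the bank's).
var policy = map[string]string{"GET /accounts": "accounts:read", "POST /transfers": "transfers:write"}

// mintToken plays the issuer's role (Cognito in production) so the example runs offline.
func mintToken(key *rsa.PrivateKey, c Claims) (string, error) {
	hdr, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT"})
	body, _ := json.Marshal(c)
	input := base64.RawURLEncoding.EncodeToString(hdr) + "." + base64.RawURLEncoding.EncodeToString(body)
	h := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, h[:])
	return input + "." + base64.RawURLEncoding.EncodeToString(sig), err
}

// verifyToken checks the pinned algorithm, the signature against the PEM public key, then issuer, token_use and expiry.
func verifyToken(pubPEM []byte, token string, now time.Time) (*Claims, error) {
	parts := strings.Split(token, ".")
	var hdr struct{ Alg string `json:"alg"` }
	raw, err := base64.RawURLEncoding.DecodeString(parts[0])
	if len(parts) != 3 || err != nil || json.Unmarshal(raw, &hdr) != nil || hdr.Alg != "RS256" {
		return nil, errors.New("malformed token or rejected alg") // the token never picks the alg
	}
	var pub *rsa.PublicKey
	if block, _ := pem.Decode(pubPEM); block != nil {
		k, _ := x509.ParsePKIXPublicKey(block.Bytes)
		pub, _ = k.(*rsa.PublicKey)
	}
	if pub == nil {
		return nil, errors.New("no RSA public key in PEM")
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	h := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err != nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig) != nil {
		return nil, errors.New("bad signature")
	}
	var c Claims
	if raw, err = base64.RawURLEncoding.DecodeString(parts[1]); err != nil || json.Unmarshal(raw, &c) != nil {
		return nil, errors.New("bad payload")
	}
	if c.Iss != issuer || c.TokenUse != "access" {
		return nil, errors.New("wrong issuer or token_use")
	}
	if now.Unix() >= c.Exp {
		return nil, errors.New("token expired")
	}
	return &c, nil
}

// authorize is the gateway decision for one call; rejected calls get an audit record too.
func authorize(pubPEM []byte, route, token string, now time.Time) (int, AuditRecord) {
	rec := AuditRecord{Time: now.UTC().Format(time.RFC3339), Route: route, Status: 403}
	c, err := verifyToken(pubPEM, token, now)
	if err != nil {
		rec.Status, rec.Reason = 401, err.Error()
		return rec.Status, rec
	}
	required := policy[route] // unlisted route: "" matches no scope, so deny by default
	rec.Subject, rec.Reason = c.Sub, "no scope grants "+route
	for _, s := range strings.Fields(c.Scope) {
		if s == required {
			rec.Status, rec.Reason = 200, "scope "+required+" present"
		}
	}
	return rec.Status, rec
}
```

Two design points matter for a financial API. The algorithm is pinned to RS256 before anything else is read, which closes both the alg=none and the HS256 key-confusion attacks against a public-key verifier. And the decision always produces an AuditRecord, including for 401 and 403 outcomes, so the trail shows attempts as well as successes; a gateway that only logs successful calls cannot support an incident investigation.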
