Base URL
Your API Gateway base URL will be provided after deployment:
Available Endpoints
Check Access
Verify authorization using AWS Verified Permissions
Get Users
Retrieve demo users, resources, and available actions
Agent
Query permissions using natural language AI agent
Authentication
This demo application does not require authentication for API calls. In a production environment, you would integrate with Amazon Cognito or another identity provider.
CORS Configuration
All endpoints support CORS with the following headers:
OPTIONS requests are automatically handled by all endpoints.
Error Responses
All endpoints return error responses in the following format:
Human-readable error message
Additional error details when available
Helpful troubleshooting suggestion
Common Status Codes
| Status Code | Description |
|---|---|
| 200 | Success |
| 400 | Bad Request - Invalid input |
| 500 | Internal Server Error - AWS service error |
Demo Data
Users
The demo includes three users with different roles and attributes:
| ID | Name | Role | Department | Clearance Level |
|---|---|---|---|---|
| alice | Alice Garcia | Analyst | Finance | 2 |
| bob | Bob Torres | Admin | Finance | 3 |
| carol | Carol Mendez | Auditor | HR | 1 |
Resources
Three documents are available for access control:
| ID | Department | Classification |
|---|---|---|
| Q4-Report-2024 | Finance | confidential |
| HR-Payroll-2024 | HR | restricted |
| Sales-Dashboard | Sales | internal |
Actions
Supported actions for authorization checks:
- Read: View the document
- Edit: Modify the document
- Delete: Remove the document
Rate Limits
AWS Lambda and API Gateway have default concurrency and rate limits. Adjust these in your AWS account settings as needed.