I want to provide users with an API token using which they can call my platform's APIs. Currently, I only have provided users access to my platform through the UI. The user's request from UI go to the API Gateway, which then authenticates the client using Cognito and providing user access till the issued ID token expires.
Now, I want to create a system where I can issue API tokens to the user and they can use these tokens to directly call the platform's API, using these tokens from their CLI. I am wondering if I could use SigV4 to sign these API requests. Then on the server side, my platform would be authorising these requests somehow. My understanding so far has been that SigV4 is designed to work on internal service to service API based communication but is there any way I could use it for my use case?
