Skip to main content

Overview

Pre-built tooling

Pre-built integrations

Access requirements

Setup guide

Useful links

API gotchas

Pre-built tooling

ToolsStatus
Pre-built authorization (Basic)
Pre-built authorization UI
Custom authorization UI
End-user authorization guide
Expired credentials detection
ToolsStatus
Pre-built integrations
API unification
2-way sync
Webhooks from Nango on data modifications
Real-time webhooks from 3rd-party API🚫 (time to contribute: <48h)
Proxy requests
ToolsStatus
HTTP request logging
End-to-type type safety
Data runtime validation
OpenTelemetry export
Slack alerts on errors
Integration status API
ToolsStatus
Create or customize use-cases
Pre-configured pagination🚫 (time to contribute: <48h)
Pre-configured rate-limit handling
Per-customer configurations

Pre-built integrations

EndpointDescriptionReadme
POST /usersCreates a user in AWS IAM.🔗
DELETE /usersDelete an existing user in AWS IAM. When you delete a user, you must delete the items attached to the user manually, or the deletion fails.🔗
GET /usersFetches a list of users from AWS IAM🔗
Not seeing the integration you need? Build your own independently.

Access requirements

Pre-RequisitesStatusComment
Paid dev account
Paid test account
Partnership
App review
Security audit

Setup guide

No setup guide yet.
Need help getting started? Get help in the community.
Contribute improvements to the setup guide by editing this page
Contribute useful links by editing this page

Connection configuration in Nango

  • AWS uses different domain extensions codes for different regions, i.e us-east-2 for the US East (Ohio) region, us-east-1 for the US East (N. Virginia) region, or eu-west-1 for Europe (Ireland) region.It also uses different subdomains for different user pools.
  • Please provide your apiSubdomain, which is the endpoint subdomain to the specific Amazon Cognito API. For example, for the US East (Ohio) region (user) pools, the subdomain would be idp.us-east-2. You can reference the Amazon Cognito Service Endpoints documentation to find the appropriate endpoint for your specific use case.

API gotchas

  • To create a new connection in Nango for AWS IAM, you’ll need an Access Key ID and a Secret Access Key. Use these to set up your connection, with the Access Key ID as the username and the Secret Access Key as the password. For more details on generating these keys, visit Create an access key.
  • With this you can now use your basic auth credentials to sign you requests as follows. For more on how to sign your requests, please vist AWS signature version 4 for API requests
    if ('username' in connection.credentials && 'password' in connection.credentials && 'region' in connection.connection_config) {
        const accessKeyId = connection.credentials['username'];
        const secretAccessKey = connection.credentials['password'];
        const region = connection.connection_config['region'];
        const host = 'iam.amazonaws.com';

        const date = new Date().toISOString().replace(/[:-]|\.\d{3}/g, '');
        const payloadHash = crypto.createHash('sha256').update('').digest('hex');
        const canonicalHeaders = `host:${host}\nx-amz-date:${date}\n`;
        const signedHeaders = 'host;x-amz-date';

        const canonicalRequest = `${method}\n${path}\n${querystring}\n${canonicalHeaders}\n${signedHeaders}\n${payloadHash}`;
        const credentialScope = `${date.substr(0, 8)}/${region}/${service}/aws4_request`;
        const stringToSign = `AWS4-HMAC-SHA256\n${date}\n${credentialScope}\n${crypto.createHash('sha256').update(canonicalRequest).digest('hex')}`;

        const getSignatureKey = (key: string, dateStamp: string, regionName: string, serviceName: string) => {
            const kDate = crypto.createHmac('sha256', `AWS4${key}`).update(dateStamp).digest();
            const kRegion = crypto.createHmac('sha256', kDate).update(regionName).digest();
            const kService = crypto.createHmac('sha256', kRegion).update(serviceName).digest();
            return crypto.createHmac('sha256', kService).update('aws4_request').digest();
        };

        const signingKey = getSignatureKey(secretAccessKey, date.substr(0, 8), region, service);
        const signature = crypto.createHmac('sha256', signingKey).update(stringToSign).digest('hex');

        const authorizationHeader = `AWS4-HMAC-SHA256 Credential=${accessKeyId}/${credentialScope}, SignedHeaders=${signedHeaders}, Signature=${signature}`;

        return { authorizationHeader, date };
Contribute API gotchas by editing this page

Going further

Connect to AWS-IAM

Guide to connect to AWS-IAM using Connect UI
I