[tayleeganj]

So I've got a site on S3 Cloudfront. I have an API gateway origin. I need to call an external API. The auth works by constructing a JWT, POSTing it to a token endpoint, and including that access token in requests to the API. I need a way to cache the access token.

1. Call API with Lambda proxy with the access token stored as a global variable outside the handler. Would be reused but like article mentions not guaranteed and can miss often. 2. Store access token client side (cookie). This would require one call per client even if the access token already generated. 3. Store access token externally (S3 or secrets manager?). Latency would increase, but could be combined with #1.

Any other way to do this?

[catlifeonmars]

Proxy the calls to the external API via your own gateway. You’ll get better control over caching behavior, push complexity away from the client, and have more control over how you handle dependency failures. Also, you should load test lambda with expected traffic patterns to actually validate that container-based caching is insufficient. Dynamo also has good in-dc latency, with very good scaling behavior.

[tayleeganj]

interesting. yeah I'm definitely proxiying all API calls through my own gateway. and yeah I'll have to run some tests.