AgentCore Gateway User Federation
Expose OAuth 2.0-secured APIs as MCP tools for AI agents while preserving user authentication context using Amazon Bedrock AgentCore Gateway Interceptors.
Overview
This sample demonstrates the USER_FEDERATION pattern for Amazon Bedrock AgentCore, enabling AI agents to access user-specific data through existing OAuth 2.0-secured APIs while maintaining the original user’s authentication context.
Key Features
| Feature | Description |
|---|---|
| USER_FEDERATION | JWT propagation through the entire request chain |
| Three-layer validation | Independent JWT validation at Runtime, Gateway, and API Gateway |
| Gateway Interceptor | Authorization header injection to downstream APIs |
| OIDC Compatible | Works with Okta, Auth0, Azure AD, Amazon Cognito |
Architecture
The solution uses Amazon Bedrock AgentCore Gateway with a custom Interceptor Lambda to bridge the gap between AI agent tool calls and your OAuth-protected APIs.
Components
| Component | Purpose |
|---|---|
| Amazon CloudFront | Hosts frontend and routes API requests |
| AWS App Runner | Backend service that invokes AgentCore |
| AgentCore Runtime | Hosts and executes the AI agent |
| AgentCore Gateway | MCP server exposing APIs as tools |
| Interceptor Lambda | Extracts the caller's JWT from the inbound tool call and injects it as the Authorization header on the outbound request |
| Amazon API Gateway | HTTP API with JWT authorizer |
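The interceptor is the piece that keeps the user's identity attached to the tool call. The following is an added example (not code from this sample or from AgentCore) that shows the shape of that logic: validate the bearer token independently before forwarding it, then copy it into the outbound request's Authorization header, and refuse to forward anything on failure. The event and response dictionaries, the `SHARED_SECRET`, `EXPECTED_ISSUER` and `EXPECTED_AUDIENCE` values, and the use of HS256 are all assumptions made so the example runs offline; a real interceptor follows the AgentCore Gateway interceptor contract and validates RS256 signatures against the OIDC provider's JWKS.

```python
"""Hypothetical Gateway interceptor handler (added example, not the sample's code).

The event/response shapes and the HS256 shared secret are assumptions so the
example runs offline. In a deployment the OIDC provider's RS256 JWKS replaces
the shared secret and the event follows the AgentCore interceptor contract.
"""
import base64
import hashlib
import hmac
import json
import time

# Constructed values for the offline example (assumptions, not from the sample).
SHARED_SECRET = b"example-only-hs256-secret"
EXPECTED_ISSUER = "https://idp.example.com/"
EXPECTED_AUDIENCE = "agentcore-gateway"


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def mint_token(claims: dict) -> str:
    """Build an HS256 JWT for constructed test input (the IdP's job in reality)."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(SHARED_SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"


def validate_token(token: str, now=None) -> dict:
    """Independently check alg, signature, exp, iss and aud; raise ValueError on any failure."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(_b64url_decode(header_b64))
    if header.get("alg") != "HS256":  # pin the algorithm; never trust the token's own choice
        raise ValueError("unexpected alg")
    expected = hmac.new(SHARED_SECRET, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    if claims.get("iss") != EXPECTED_ISSUER:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if aud != EXPECTED_AUDIENCE and not (isinstance(aud, list) and EXPECTED_AUDIENCE in aud):
        raise ValueError("wrong audience")
    return claims


def _get_header(headers: dict, name: str) -> str:
    # Header names are case-insensitive; callers may send "Authorization" or "authorization".
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return ""


def lambda_handler(event: dict, context=None) -> dict:
    """Assumed event shape: {"headers": {...inbound headers...}, "request": {"headers": {...}, ...}}.

    Returns the outbound request with the caller's bearer token injected, or a 401
    response so nothing reaches the downstream API without a valid user token.
    """
    auth = _get_header(event.get("headers", {}), "Authorization")
    if not auth.lower().startswith("bearer "):
        return {"statusCode": 401, "body": "missing bearer token"}
    token = auth[len("bearer "):].strip()
    try:
        claims = validate_token(token)
    except ValueError as exc:
        return {"statusCode": 401, "body": str(exc)}
    outbound = dict(event.get("request", {}))
    headers = dict(outbound.get("headers", {}))
    headers["Authorization"] = f"Bearer {token}"  # propagate the user's identity downstream
    outbound["headers"] = headers
    return {"statusCode": 200, "subject": claims.get("sub"), "request": outbound}
```

The downstream API Gateway JWT authorizer still validates the same token on its own, which is what the "three-layer validation" row above refers to: the interceptor check is defence in depth, not a substitute for validation at the API.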
Quick Start
```bash
git clone https://github.com/aws-samples/sample-bedrock-agentcore-gateway-user-federation.git
cd sample-bedrock-agentcore-gateway-user-federation
./deploy.sh
```
See the Setup Guide for detailed instructions.
Documentation
- Architecture - System architecture and component overview
- Setup - Local development setup guide
- Deployment - AWS deployment instructions
- Security - Security considerations and best practices
About
This project is maintained by AWS Samples and licensed under the MIT-0 License.
Contributing
Contributions are welcome! See CONTRIBUTING.md for guidelines.