Choosing between HTTP APIs and REST APIs - Amazon API Gateway
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Choosing between HTTP APIs and REST APIs

HTTP APIs are designed for low-latency, cost-effective integrations with Amazon services, including Amazon Lambda, and HTTP endpoints. HTTP APIs support OIDC and OAuth 2.0 authorization, and come with built-in support for CORS and automatic deployments. Previous-generation REST APIs currently offer more features.

The following tables summarize core features that are available in HTTP APIs and REST APIs.

Authorizers HTTP API REST API

Amazon Lambda

IAM

Amazon Cognito

✓ *

Native OpenID Connect / OAuth 2.0

* You can use Amazon Cognito as a JWT issuer.

Integration HTTP API REST API

Public HTTP endpoints

Lambda

Amazon services

Private integrations with Application Load Balancers

Private integrations with Network Load Balancers

Private integrations with Amazon Cloud Map

Mock

API management HTTP API REST API

Usage plans

API keys

Custom domain names

✓ *

* HTTP APIs don't support TLS 1.0.

Development HTTP API REST API

API caching

Request parameter transformation

Request body transformation

Request / response validation

Test invocation

CORS configuration

✓ *

Automatic deployments

Default stage

Default route

Custom gateway responses

Canary release deployment

* You can combine different features of REST APIs to support CORS. To learn more, see Enabling CORS for a REST API resource.

Security HTTP API REST API

Mutual TLS authentication

Certificates for backend authentication

Amazon WAF

Resource policies

API type HTTP API REST API

Regional

Edge-optimized

Private

Monitoring HTTP API REST API

Access logs to Amazon CloudWatch Logs

Access logs to Amazon Kinesis Data Firehose

Execution logs

Amazon CloudWatch metrics

Amazon X-Ray