AmplifyBackend

Name: AmplifyBackend API
Brand: AmplifyBackend
Availability: InStock

★ Only Publicly Available OpenAPI DocumentCloud InfrastructureServerlessapiKey31 EndpointsREST

For Agents

Generate, configure, and remove Amplify backend environments and their auth, API, storage, and config resources programmatically through 31 admin operations.

Quickstart

Get started with AmplifyBackend in minutes using your preferred integration method.

# Add to your MCP client config (Claude Desktop, Cursor, Windsurf)
{
  "jentic": {
    "url": "https://api.jentic.com/mcp",
    "auth": "oauth"
  }
}

# Then ask your agent:
"create an amplify backend auth resource"

# → Jentic returns the GET /events tool with parameter schema, agent executes.

Capabilities

What an agent can do with AmplifyBackend API.

Clone an existing Amplify backend environment to spin up an isolated dev or QA stack

Generate auth resources backed by Amazon Cognito user pools and identity pools

Generate API resources for REST and GraphQL backends with associated Lambda and DynamoDB infrastructure

Configure storage backends backed by S3 with per-user access rules

GET STARTED

Start building with AmplifyBackend API

Explore with Jentic

View OpenAPI Document

Jentic publishes the only available OpenAPI document for AmplifyBackend, keeping it validated and agent-ready.

Jentic publishes the only available OpenAPI specification for AmplifyBackend, keeping it validated and agent-ready. AWS AmplifyBackend is the admin API that powers backend resource generation for Amplify Hosting applications, including auth, API, storage, and config resources tied to specific Amplify backend environments. The API exposes 31 operations to clone, configure, list, and remove backends, manage authentication and API resources, and import existing Cognito user pools. Platform teams use it to script Amplify CLI generated backends from CI rather than developer machines.

Use Cases

Patterns agents use AmplifyBackend API for, with concrete tasks.

★ Programmatic Backend Environment Cloning

Platform teams use CloneBackend to copy a working backend environment into a new one for QA, staging, or feature work without rerunning the full Amplify CLI flow. The clone preserves auth, API, storage, and config so the new environment can be wired to a different Amplify Hosting branch and used by reviewers or QA testers within minutes.

Call POST /backend/{appId}/environments/{backendEnvironmentName}/clone with TargetEnvironmentName=qa to copy an existing backend

Auth Resource Generation

Application teams use the auth endpoints to generate Cognito-backed authentication for an Amplify app from a structured config rather than the local CLI. CreateBackendAuth provisions a Cognito user pool and identity pool with the requested settings, and UpdateBackendAuth applies subsequent changes. The same flow can be triggered from a CI job, so backend changes deploy alongside frontend changes.

Call POST /backend/{appId}/auth with ResourceConfig describing the Cognito user pool and identity pool requirements for the target environment

Existing Cognito Pool Import

Teams that already have a Cognito user pool use ImportBackendAuth to attach it to a new Amplify backend rather than duplicating identities. The same pool then underpins the Amplify generated client config so frontends authenticate against the existing identity store, making it straightforward to migrate legacy apps onto Amplify without forcing user resets.

Call POST /backend/{appId}/auth/{backendEnvironmentName}/import with the existing UserPoolId, IdentityPoolId, and NativeClientId

AI Agent Backend Provisioner

An AI agent invoked through Jentic provisions a new Amplify backend environment for each new microsite or experiment. The agent searches Jentic for the create-backend-auth and create-backend-api operations, executes them with the requested resource configs, and reports the resulting endpoints back to a chat workflow. Jentic handles SigV4 signing, so the agent only deals with the structured ResourceConfig payloads.

Search Jentic for create amplify backend auth, execute it with the auth resource config, then create matching API and storage resources for the same backend environment

Key Endpoints

31 endpoints — jentic publishes the only available openapi specification for amplifybackend, keeping it validated and agent-ready.

METHOD

PATH

DESCRIPTION

POST

/backend

Create a new Amplify backend

POST

/backend/{appId}/environments/{backendEnvironmentName}/clone

Clone an existing backend environment into a new one

POST

/backend/{appId}/auth

Create a Cognito-based auth resource for the backend

POST

/backend/{appId}/api

Create a REST or GraphQL API resource for the backend

POST

/backend/{appId}/storage

Create an S3-backed storage resource for the backend

POST

/backend/{appId}/environments/{backendEnvironmentName}/remove

Remove a backend environment and its associated resources

POST

/backend

Create a new Amplify backend

POST

/backend/{appId}/environments/{backendEnvironmentName}/clone

Clone an existing backend environment into a new one

POST

/backend/{appId}/auth

Create a Cognito-based auth resource for the backend

POST

/backend/{appId}/api

Create a REST or GraphQL API resource for the backend

POST

/backend/{appId}/storage

Create an S3-backed storage resource for the backend

Why though Jentic?

Three things that make agents converge on Jentic-routed access.

Credential isolation

AWS access key id and secret access key for AmplifyBackend are stored encrypted in the Jentic vault. Jentic performs SigV4 signing server side and supports STS temporary credentials, so the agent never sees the raw secret access key.

Intent-based discovery

Agents search Jentic with phrases like create amplify backend auth or clone amplify backend environment, and Jentic returns the matching AmplifyBackend operation with its ResourceConfig schema, so the agent does not have to map operation names to AWS path conventions.

Time to first call

Direct integration: 2 to 4 days for SigV4 signing, ResourceConfig payload shaping, and async job polling. Through Jentic: under 1 hour — search, load schema, execute.

Related APIs

Alternatives and complements available in the Jentic catalogue.

Complementary

AWS Amplify

AmplifyBackend pairs with the Amplify Hosting API to wire backend resources to specific frontend branches

Use Amplify Hosting alongside AmplifyBackend when the agent needs to bind frontend branches to the backend environments it just provisioned.

Alternative

Amazon API Gateway

Use API Gateway directly when you do not want Amplify's CloudFormation glue around your backend

Choose API Gateway directly when the project needs full control over the REST or HTTP API; choose AmplifyBackend when you want Amplify's opinionated wiring with auth and storage included.

Complementary

AWS Certificate Manager

Issues SSL certificates used by API and storage endpoints generated by Amplify backends

Use ACM directly when the agent needs to manage the underlying certificates that Amplify provisioned for backend endpoints.

FAQs

Specific to using AmplifyBackend API through Jentic.

Why is there no official OpenAPI spec for AmplifyBackend?

AWS does not publish an OpenAPI specification for AmplifyBackend; the official surface is the AWS SDKs and the Smithy model. Jentic generates and maintains this spec so that AI agents and developers can call AmplifyBackend via structured tooling. It is validated against the live API and kept up to date. Get started at https://app.jentic.com/sign-up.

What authentication does the AmplifyBackend API use?

AmplifyBackend uses AWS Signature Version 4 (SigV4) signed with an IAM access key id and secret access key, optionally with an STS session token. Through Jentic the access key id and secret access key are stored encrypted in the vault and SigV4 signing is performed server side, so the agent never sees the raw secret access key.

Can I clone an existing Amplify backend with the AmplifyBackend API?

Yes. POST /backend/{appId}/environments/{backendEnvironmentName}/clone with a TargetEnvironmentName produces a new backend environment with the same auth, API, storage, and config as the source. It is the API equivalent of amplify env add --copy-from-existing in the Amplify CLI.

What are the rate limits for the AmplifyBackend API?

AmplifyBackend applies per-region throttling on each operation. Most mutating operations like CreateBackendAuth and CreateBackendAPI are throttled at lower rates than read operations like GetBackend and ListBackendJobs. Persistent throttling returns ThrottlingException; back off with exponential delay and retry.

How do I generate a backend auth resource with the AmplifyBackend API through Jentic?

Install the SDK with pip install jentic, search Jentic for create amplify backend auth, load the CreateBackendAuth operation schema, and execute it with a ResourceConfig describing the Cognito user pool and identity pool you need. Jentic handles SigV4 signing and returns the JobId you can poll with GetBackendJob until the resource is ready.

Can I import an existing Cognito user pool into an Amplify backend?

Yes. POST /backend/{appId}/auth/{backendEnvironmentName}/import with the existing UserPoolId, IdentityPoolId, and NativeClientId attaches the pool to the backend instead of creating a new one. This is the recommended path when migrating an existing app onto Amplify Hosting without forcing users to reset credentials.