Reputation: 1135
API Gateway HTTP integration, how do I pass the authorization header?
I'm in "Integration Request". I've set HTTP integration type and the Endpoint URL. Below, I see "HTTP Headers, but if I try to add an header, there is a strange "mapped from" value I don't understand. Setting an HTTP Proxy integration add a Mapping template I also don't understand.
I just need to pass the Authorization:xxxx and X-Auth-Username:xxxxx from the original request to the endpoint
Can't find an easy way...
I set HTTP proxy integration and added in the HTTP Headers (and deployed):
method.request.header.Authorization
method.request.header.X-Auth-Username
I also added as required Authoriaxtion and X-Auth-Username in Method request header as required. But I get an error upon calling the api:
Authorization header requires 'Credential' parameter.
Authorization header requires 'Signature' parameter.
Authorization header requires 'SignedHeaders' parameter.
Authorization header requires existence of either a 'X-Amz-Date' or a 'Date' header
Hmmm maybe it's a "naming" problem? So I changed "authorization" with MyAuthentication in the method request, and after in the integration Header, I mapped Authorization to
method.request.header.MyAuthentication
Now if I call my api with MyAuthorization in the header, I get "Missing Authentication Token", without hitting the api server
Upvotes: 6
Views: 13615
Answers (3)
Reputation: 363
To Correctly use aws API Gateway as a pure http proxy and make it pass the Authorization header as-is to your backend API, you need to do two things:
- In the Method Request: Make sure to add the
Authorizationheader to the Http Request Headers section.
With this, AWS does not assume that the Authorization header is of your own implementation and the gateway does not expect it to contain AWS own format of multiple parameters such as SignedHeaders, Signature, X-Amz-Date , etc..
2. In the Integration Request: Make sure to select the Use HTTP Proxy Integration.
This makes sure that the request is being sent to the target as-is and thus the Authorization header not to be consumed and discarded as part of AWS own SigV4 authorization.
Upvotes: 3
Reputation: 188
Click on 'Method Request' , expand 'HTTP Request Headers' and add a header Authorization . Now go back and click on 'Integration Request' , expand 'HTTP Headers' and add Header Name Authorization and 'Mapped from' method.request.header.Authorization . Basically for any header XYZ on 'Method Request' tab should have corresponding mapping on 'Integration Request' method.request.header.XYZ .
Upvotes: 8
Reputation: 1135
The following was correct...I was calling the original api path instead of te api gateway path....
I set HTTP proxy integration and added in the HTTP Headers (and deployed): method.request.header.Authorization method.request.header.X-Auth-Username
Upvotes: 0
Related Questions
- Access headers in AWS API Gateway using HTTP Proxy?
- AWS API Gateway - lambda integration missing authorization header
- AWS ApiGatewayV2 HTTP API with custom authorization lambda
- authorization for API gateway
- API gateway how to pass AWS IAM authorization from rest client
- AWS Api Gateway Setting the header value to a default value using http Integration
- AWS API Gateway integration request Http headers not being passed to lambda
- AWS API Gateway Always Pass Same Authentication Header
- Authorize AWS API Gateway by a Lambda
- How do you pass Authorization header through API Gateway to HTTP endpoint?