Missing Authentication Token while accessing API Gateway?

Question

I am trying to call a Lambda Function through AWS API Gateway. When I mention Authentication type NONE it works fine but API become public and anyone with url can access my

Answer 1

Found this in the docs:

If the AWS_IAM authorization were used, you would sign the request using the Signature Version 4 protocols.

Signing request with Signature Version 4

---

You can also generate an SDK for your API.

How to generate an SDK for an API in API Gateway

Once you've generated the SDK for the platform of your choice, step 6 mentions that if you're using AWS credentials, the request to the API will be signed:

6. To initialize the API Gateway-generated SDK with AWS credentials, use code similar to the following. If you use AWS credentials, all requests to the API will be signed. This means you must set the appropriate CORS Accept headers for each request:

   var apigClient = apigClientFactory.newClient({
     accessKey: 'ACCESS_KEY',
     secretKey: 'SECRET_KEY',
   });