getting message: forbidden reply from AWS API gateway

Question

I am trying to create a lambda service on AWS and have it accessed from outside via the API gateway with no authentication or restriction required.

To make things ea

Answer 1

If Authorization and API KEY Required both are set to true for the method, then make sure you have the following Headers while sending the request:

1. Content-Type (usually application/x-www-form-urlencoded if GET call)
2. HOST
3. X-Amz-Date
4. Authorization
5. x-api-key

I use POSTMAN for API testing which is quite reliable and then it's preety straight forward.

Note: Do not add x-api key header if you have set API KEY REQUIRED as FALSE. And if you have set AUTHORIZATION as FALSE then do not add Authorization header.

Answer 2

Putting my experience over here as well. I tried all those things above and it turned out that putting the domain with a wildcard solved my {"message":"Forbidden"} issue: *.mydomain.com