问题
How do I set the status code to 429 and return a custom message from an API Gateway custom authorizer?
回答1:
Am also searching for this solution. i got messages like custom message & status code from our custom authorizer is not enabled. refer here - https://forums.aws.amazon.com/thread.jspa?threadID=226689
But while coding for custom authorizer found that you can send either 401 or 403
//this will send status - 401 , body - {"message":"unauthorized"}
context.fail('Unauthorized')
/*this will send status 403 , body - {
"Message": "User is not authorized to access this resource with an explicit deny"
}*/
context.succeed({
"policyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": "execute-api:Invoke",
"Effect": "Deny",
"Resource": [
"arn:aws:execute-api:ap-south-1:************/Development/*/*"
]
}
]
}
})
note : like allow you have to create deny policy
回答2:
The functionality here is a bit limited. But I've found that by editing the Gateway Responses for the 403 and 401 status codes. My custom message gets shown to users.
For example, by saving the below and re-deploying the API. I now get my custom message when the lambda authorizer returns a deny policy.
来源:https://stackoverflow.com/questions/49140801/is-it-possible-to-customize-api-gateway-custom-authorizer-response-message-and-s