Getting error: Missing Authentication Token after AWS API request

22
votes

I am trying to call a Lambda Function through AWS API Gateway.

I've been getting this error when I tried IAM authentication, API Key Authentication and also with no authentication. enter image description here

{"message":"Missing Authentication Token"}

Some people had the same problem due to non existing endpoint. However, I've taken my endpoint directly from the Lambda Function AWS Console. enter image description here

I've been trying to open the URL in the Browser and also on the Postman (with and without a header authentication: x-api-key: *****************). enter image description here

Both responded with above stated error.

5
amazon-web-servicesauthenticationaws-lambdaaws-api-gateway
Does this work if you set up the API first in API Gateway and then add the Lambda function to the API?RyanG

5 Answers

17
votes

One more step: in Postman, you need to set the Authorization to AWS Signature, and then enter your AccessKey and SecretKey from your IAM user:

Postman screenshot Postman screenshot

7
votes

I'll write up a detailed FAQ here for any viewers. Ordered by most common cause.

  1. Incorrect resource path and/or HTTP method.
    • If you have the right resource path and the wrong HTTP method, you'll still see this message
    • You can use Postman or some other client to sign a request to the same resource/method and if you get a 404 then you definitely have the wrong resource/method.
  2. Missing signature on protected resource/method. By default, your API will be open. If you have explicitly required AWS Auth then the error indicates that the request wasn't signed.
  3. If you're using the Lambda console to create an 'API Endpoint' it may be an issue on the Lambda end, or a delay in the propagation of the new API. In this case go to the API Gateway console and you should see the same API that Lambda created for you. Make sure it has been deployed and you have the right stage, resource path, and method.
2
votes

Just wanted to mention that if you set your API gateway's authentication to be NONE, make sure you need to Deploy API first before the no authentication setting is in effect.

-1
votes

You have to Enable CORS from the actions for the API. This will create a new OPTIONS method. CORS is for cross domain requests

-2
votes

You need to set Api Key Required to true. See more here: http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-api-keys.html