
AWS API Gateway + Lambda + custom domain (Route53) Missing Authentication Token issue

I am aware that many similar questions have been posted and answered here, but none of them is quite the same as what I am experiencing.

I have a Lambda function that handles incoming requests (GET and POST). I also set up an API Gateway as the public-facing endpoint. Additionally, I set up a custom domain following "Set up Custom Domain Name for API Host Name".

The test call works in both the Lambda and API Gateway consoles. Everything also works using the invoke URL, but not with the custom domain I've set up.

Here are some more details:

Invoke URL (Works) :

https://{api gateway id}.execute-api.us-west-2.amazonaws.com/prod/endpoint

Custom domain endpoint (Doesn't work):

https://api.{my domain}.com/endpoint

Base Path Mapping:

/endpoint   endpoint:prod

All Method Auth:

Authorization None
API Key Not required

Route53:

A record as alias that points api.{my domain}.com to the CloudFront distribution domain name as alias target.

I'd really appreciate it if anyone knows what's going on here.

jlai asked Jul 04 '17 05:07



1 Answer

I found the issue is a misunderstanding of how base path mapping works.

All my configurations are correct.

My API resource is not under / but under /endpoint

To use the custom domain, instead of visiting https://api.{my domain}.com/endpoint, it needs to go to https://api.{my domain}.com/endpoint/endpoint

Of course this is silly and redundant.

I have two options. I either set up the base path mapping to / instead of /endpoint or I can just use the API resource / instead of /endpoint.

I go with the latter because if base path mapping is set to /, my api.{my domain}.com will only be able to host just one API (I can still use resources under the same API, but why waste the extra layer of abstraction?).

This seems dumb but I am still glad I figured it out.

jlai answered Oct 06 '22 22:10
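
The routing behaviour described in the answer, as an added example that is not part of the original post and is not AWS code. It is a simplified model that assumes single-segment base paths; the API name `endpoint-api` and the sample mappings are constructed for illustration.

```python
# Simplified model of API Gateway custom-domain routing (an assumption-level
# sketch, not AWS code): the first path segment selects a base path mapping,
# is stripped, and the remainder is matched against the API's resources.

# Constructed sample data mirroring the question's setup.
MAPPINGS = {"endpoint": ("endpoint-api", "prod")}       # base path -> (API, stage)
RESOURCES = {"endpoint-api": {("GET", "/endpoint"), ("POST", "/endpoint")}}


def resolve(method, path, mappings=MAPPINGS, resources=RESOURCES):
    """Return (status, detail) for a request sent to the custom domain."""
    segments = [s for s in path.split("/") if s]
    first = segments[0] if segments else ""
    if first in mappings:
        api, stage = mappings[first]
        rest = segments[1:]
    elif "" in mappings:                 # empty base path maps the domain root
        api, stage = mappings[""]
        rest = segments
    else:
        return 403, "no base path mapping matches"
    resource = "/" + "/".join(rest)
    if (method, resource) not in resources[api]:
        # API Gateway answers an unknown resource/method with this 403 message.
        return 403, "Missing Authentication Token"
    return 200, f"{api}:{stage} {resource}"


def compare_layouts():
    """Evaluate the question's URL and the two fixes named in the answer."""
    asked = resolve("GET", "/endpoint")
    doubled = resolve("GET", "/endpoint/endpoint")
    # Option 1: map the empty base path and keep the /endpoint resource.
    root_mapping = resolve("GET", "/endpoint",
                           mappings={"": ("endpoint-api", "prod")})
    # Option 2 (the one chosen): keep base path /endpoint, serve from resource /.
    root_resource = resolve("GET", "/endpoint",
                            resources={"endpoint-api": {("GET", "/"), ("POST", "/")}})
    return asked, doubled, root_mapping, root_resource


if __name__ == "__main__":
    for result in compare_layouts():
        print(result)
```

The same 403 message appears for any path that resolves to a resource or method the API does not define, so when debugging it is worth checking the effective resource path before looking at authorizer or API key settings.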