I have an API powered by API Gateway and Lambda that uses a custom authorizer.
For successful requests, it passes through the authorizer and then my Lambda can return proper responses with CORS headers with no problems.
However, for unsuccessful authorizations (e.g. invalid tokens), I get no CORS headers, and that causes my client app (which uses the fetch API) to throw.
How do I set up CORS for an API that uses a custom authorizer?

Based on this answer and this AWS documentation page, I was able to figure out how to solve it.
The solution is to add the following to my serverless.yml:
resources:
  Resources:
    AuthorizerApiGatewayResponse:
      Type: "AWS::ApiGateway::GatewayResponse"
      Properties:
        ResponseParameters:
          "gatewayresponse.header.Access-Control-Allow-Origin": "'*'"
        ResponseType: UNAUTHORIZED
        RestApiId: {"Ref" : "ApiGatewayRestApi"}
        StatusCode: "401"