Authenticated Amazon API Gateway IAM Server Example with Generated JS SDK

Question

Authenticated Amazon API Gateway IAM Server Example with Generated JS SDK

I've created sample GET and POST APIs on Amazon API Gateway following their official documentation. I created a JS SDK for these APIs, which I use to call these APIs from a client JS file hosted in S3. This works flawlessly without "Authorization Type".

Now when I set the "Authorization Type" for the GET method to "IAM", I need to pass the IAM credentials for it to work. Even though I passed my credentials for an AWS account, I get this in the response headers:

x-amzn-ErrorType:InvalidSignatureException:http://internal.amazon.com/coral/com.amazon.coral.service/

Finally, it returns a 403 error code .

My question is, has anyone successfully tried to use the generated javascript SDK from Amazon API Gateway with IAM authentication? Can you point out where I might go wrong?

Thank.

+3

javascript amazon-web-services amazon-iam aws-lambda aws-api-gateway

rk2 Jul 27. 15 at 11:13 pm

source to share

1 answer

rk2 · Accepted Answer · 2015-07-30T10:21:24+0000

I was able to solve this with the help of several people on the AWS forum. It looks like the API Gateway GET method expects an empty body. By default, if you follow the README image that comes with the generated JS SDK, passing 'undefined' or just '{}' inside the body to the GET will cause an inconsistent payload and this will result in an invalid signature being computed.

For now, I've just done a little tweak in / lib / apiGatewayCore / sigV 4Client.js by hard coding body = ''

.

This should be a temporary training session as it may affect your other Gateway API methods that require a filled body. In my case, I only had GET methods.

Authenticated Amazon API Gateway IAM Server Example with Generated JS SDK

More articles: