Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Usage Plan / Rate limit / x-api-key

0

We currently require x-api-key header to be passed. This is how we control usage plan and limit
One customer of ours said that they cannot pass header parameters and they can only do urlencoded form parameters.

My question is how can we enforce usage plan / limiting if x-api-key will be coming from form parameters?

Temas
Sin servidorWeb y móvil front-endRedes y entrega de contenido
Etiquetas
Amazon API Gateway
Idioma
English
Johnson965
preguntada hace 5 años402 visualizaciones
3 Respuestas
1

Hello:

You can provide the key as the result of a lambda authorizer which will have access to headers, url parameters and query string, but not body parameters.

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-key-source.html

Regards,
Bob

EXPERTO
AWS-User-0395676
respondido hace 5 años
1

Hello:

Unfortunately there isn't currently an option that would support your use case. Apologies for the inconvenience.

Regards,
Bob

EXPERTO
AWS-User-0395676
respondido hace 5 años
0

Bob,

Thank you for taking time to reply.

I am the same person asking on this thread: https://forums.aws.amazon.com/thread.jspa?messageID=887871&#887871

I could have asked both my questions in one thread but they are not related so I created a thread for each of my question.

so based on this: https://forums.aws.amazon.com/thread.jspa?messageID=887871&#887871

I will be doing authorization in the Integration level... meaning I won't be having the Authorizer configured anymore
how am I going to enforce x-api-key without an authorizer?

Johnson965
respondido hace 5 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante