1. In Postman, on the Authorization tab, do the following:
For Type, choose AWS Signature.
For AccessKey and SecretKey, enter the IAM access key ID and secret access key for an IAM user. The IAM user must be in the IAM group that has access to your API.
2. In the Enter request URL field, paste your API's invoke URL. If you activated IAM authentication on a method for a particular API resource, then append the resource name to the end of the invoke URL.
Note: The full request URL with resource name looks like the following: https://restApiId.execute-api.region.amazonaws.com/stageName/resourceName
An authenticated request returns a 200 OK response code. An unauthorized request returns the message Missing Authentication Token and a 403 Forbidden response code.