Customizing REST API Gateway Authorizer Response

Question

Hi Folks,

I am looking to output a specific error message when I raise a Deny policy from my lambda authorizer hooked up to my REST API Gateway. There are a couple of different 403 responses in the API gateway, I am trying to find the right one which the API raises when my authorizer returns a deny policy.

Thanks,
Matthew

Answer

Yes, you can return a specific response from Lambda Authorizer, you have access to a *special* object called $context.authorizer which you can use to customize the response, please review  this section of the [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html#context-variable-reference) which explains in depth, you can use in your response template.

In the API Gateway console you can change the response to `custom` for Access Denied (`403`),  Under the Response templates ->   Template body you can specify the 
specific field being returned from your authorizer, In my case, I have a authorizer for my API where I return a `message` field populated with a custom message under the `context` key for denied requests, so my Template body is 
`{"message":$context.authorizer.context.message}`

I have this field populated with this specific string ` "context": {... "message": "You do not have access to this resource"}` so when authorizer denies the request, the response I get is `{"message":You do not have access to this resource}`

Please see this SO [post](https://stackoverflow.com/questions/47921803/how-to-throw-custom-error-message-from-api-gateway-custom-authorizer) as well that explains it.

HTH

Customizing REST API Gateway Authorizer Response

관련 콘텐츠