1 Resposta
- Mais recentes
- Mais votos
- Mais comentários
1
Hi,
I think that in this case you should add the Access-Control-Allow-Origin
header at the predefined API Gateway response section and not in your API method response, since it is the gateway who is responding for authorization failure before your method is executed.
Conteúdo relevante
- AWS OFICIALAtualizada há 3 anos
- AWS OFICIALAtualizada há 2 anos
- AWS OFICIALAtualizada há 2 anos
I have it for 401 status in tab "Method responses" enabled headers Access-Control-Allow-Origin
CloudFormationPart
{ "ResponseParameters": { "method.response.header.Access-Control-Allow-Origin": true }, "ResponseModels": {}, "StatusCode": "401" }
Not on your method response, but in the API Gateway default responses. I recommend that you take a look at the link in the previous comment.
Thank you! Sorry, didn't read it carefully. But why, even if I put extra header in method response header still didn't present in response?
maybe response from authorizer avoid response integration step
Exactly, when the API fails because the authorizer or request validation, among others, your method is not executed and the API gateway returns the appropriate default response.