By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Amazon Chat widget access error - 403 explicit deny

0

Hello,

We implemented Amazon Connect built-in Chat widget (security enabled) in one AWS account, everything works fine including serving JWT tokens, passing contact attributes etc.

We are now trying to implement similar configuration in a new account (new Connect instance). The Web Chat widget is giving us this error: {"code": 403, "msg": "User is not authorized to access this resource with an explicit deny"}

This error looks like coming from an API gateway to serve the widget frame code (once we click on the chat icon), but we have no control over the user or IAM policies as we are not using API directly and the built-in widget is making these calls. Not sure where to look, as we checked and rechecked everything (CORS domain settings, Snippet ID, Chat Widget etc.). The widget works fine once we turn-off security.

Any ideas? Thanks much.

Topics
Security, Identity, & ComplianceApplication IntegrationBusiness ApplicationsAWS Well-Architected Framework
Tags
AWS Identity and Access ManagementAmazon ConnectSecurity
Language
English
TalkFirst
asked a year ago592 views
1 Answer
1
Accepted Answer

Solved, the issue has to do with the URL for chat javascript file. We used the same URL in two different connect instance widgets.

TalkFirst
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content