Help improve AWS Support Official channel in re:Post and share your experience - complete a quick three-question survey to earn a re:Post badge!
Trouble with deploying after using JWT token
Hi, My team and I are implementing a despatch generation API for a university project and our api was working perfectly before I implemented authorization using jwt tokens. Our first error was a 502 bad gateway and then only the base page (which does not take any input from the user) shows a 404 error. Wondering if anyone can help with this. The code works when I test on postman but when we deployed it(we are using serverless) we were running into a 502 error. Now when I deploy locally we run into the 404 error just for the base page. Pictures:
the 404 error:
this is the route Im trying to access:
other routes seem to be working:
this is the code to generate the token:
this is the code to authenticate the token:
this is the serverless.yml file:
- Newest
- Most votes
- Most comments
Based on the information provided, it appears you're experiencing issues with your API after implementing JWT token authorization. Here are some potential causes and solutions to consider:
-
Route Configuration: Ensure that your API Gateway routes are correctly configured to match your Lambda function endpoints. The 404 error on the base page suggests a mismatch between the defined routes and the actual endpoints.
-
JWT Authorizer Setup: Verify that your JWT authorizer is properly configured in API Gateway. Make sure the authorizer is correctly attached to the routes that require authentication.
-
Deployment Issues: The 502 Bad Gateway error could indicate a problem with your Lambda function or its integration with API Gateway. Double-check that your Lambda function is deployed correctly and has the necessary permissions to be invoked by API Gateway.
-
CORS Configuration: If you're accessing the API from a web application, ensure that CORS (Cross-Origin Resource Sharing) is properly configured in your API Gateway settings.
-
Lambda Function Errors: Check your Lambda function logs in CloudWatch for any errors that might be causing the 502 error. There could be issues within your code that are only apparent when deployed.
-
API Deployment: After making changes to your API configuration, remember to redeploy your API for the changes to take effect.
-
Serverless Framework: Since you're using the Serverless framework, make sure your serverless.yml file correctly defines your API routes, authorizers, and Lambda function configurations.
To troubleshoot further:
- Review your CloudWatch logs for any error messages.
- Use the API Gateway console to test your endpoints and authorizer.
- Verify that your JWT token is correctly formatted and contains the expected claims.
- Double-check the audience (aud) and issuer (iss) in your JWT configuration match what's expected by your authorizer.
If the issue persists, you may need to review your entire API Gateway and Lambda setup to ensure all components are correctly configured and integrated.
Sources
AWS Gateway: API does not respond in Postman | AWS re:Post
JWT Authorizer not firing in API Gateway | AWS re:Post
Based on the details provided, please go through the following below:
- Configuring your Lambda Authorizer properly
a. Create a Lambda Function
b. Create the Lambda Authorizer
--> Go to API Gateway console
--> Select your REST API
--> Navigate to Authorizers section on the left side panel
--> Click "Create Authorizer"
--> Choose Lambda as the type
c. Configure Authorizer Settings
--> Name your authorizer
--> Select the Lambda function
--> For Lambda event payload, select Token
--> For Token source, enter the header name that contains the authorization token
--> To cache the authorization policy generated by the authorizer, keep Authorization caching turned on
Note 1: The caller must include a header of this name to send the authorization token to the Lambda authorizer.
Note 2: If you enable caching, your authorizer must return a policy that is applicable to all methods across an API. To enforce a method-specific policy, you can turn off Authorization caching. --> Chose Create Authorizer
d. Attach to API Methods
--> Go to Resources in API Gateway
--> Select the method you want to protect
--> Click on Method Request
--> Under Authorization, select your Lambda authorizer
--> Deploy the API to apply changes
e. Test the configuration
--> Make an API request with required authorization parameters
--> Confirm authorized requests are processed
Please refer the document provided for a detailed explanation {+} https://docs.aws.amazon.com/apigateway/latest/developerguide/configure-api-gateway-lambda-authorization.html
-
Make sure you’ve setup the right input format for the lambda authorizer based on the input type selected (Token/Request) [+] https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-input.html#w82aac15b9c21c25c19b5
-
Kindly refer to the provided documentation to troubleshoot the HTTPS 502 status code if using a Proxy Integration with a lambda function. [+] https://repost.aws/knowledge-center/malformed-502-api-gateway
-
Check your Lambda function and API Gateway logs in CloudWatch for any errors that might be causing the 502 error. [+] https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html
-
Please refer to the Serverless Framework for lambda events [+]https://www.serverless.com/framework/docs/providers/aws/guide/serverless.yml#aws-lambda-events
Relevant content
AWS OFFICIALUpdated 2 years ago
