AWS SNS SES notifications to basic-auth HTTPS endpoint always sent twice

0

I have a setup to receive AWS SES Open notifications via SNS to a HTTPS endpoint of our web app. I followed the documentation and set it up with basic-auth https://docs.aws.amazon.com/sns/latest/dg/sns-http-https-endpoint-as-subscriber.html.

All notifications from AWS arrive two times, the first time without the basic-auth header, but full payload, and the second time with basic-auth header. Here a redacted dump of what AWS sends and how we respond when I open an email with tracking pixel https://gist.github.com/mklinik/29de83fe88a5c873db9b232a6f752760

Is this the expected behaviour?

1 Answer
0

Maybe someone else can answer the SES-specific implementation details pertaining to your question, so take my following answer with a grain of salt.

Basic auth is a challenge-response mechanism, so it is generally considered best practice to only send credentials when prompted. This allows for redirects to occur for example (e.g. upgrade the connection to HTTPS if initiated over HTTP), so the credentials only being sent when necessary.

AWS
Jesse_T
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions