By using AWS re:Post, you agree to the Terms of Use

Is it possible to return 401 error from WebSocket API Gateway Lambda Authorizer without throwing an error?


Hello, we are using WebSocket API Gateway Lambda Authorizer to authorise the users and we throw an Unauthorized error when the cookie is invalid (related AWS doc). But this increases AWS/Lambda Errors metrics which triggers our alarms and we don't want to turn this alarm off because we want to be notified about any function errors. Is it possible to return 401 HTTP status code to client from API Gateway but without throwing an error from Authorizer? Any CloudFormation example code is appreciated.

I know we can use Deny Policy document but this results in 403 status code which is not what we want.


1 Answers


I understand that you want Websocket API to return 401 status code to client, without returning unauthorized error response from Lambda authorizer. REST API supports Gateway Response, which can be used to modify 403 status code from lambda authorizer to customized error response, including 401 status code.

At this time, Websocket API does not support Gateway Response. We already have a feature request open with the service team, regarding this. While I am unable to comment on if/when this feature may get released, I request you to keep an eye on our What's New and Blog pages for any new feature announcements.

answered a month ago
  • Thanks for the response and links, do you have a link to that feature request? So we can follow the progress. Thanks

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions