Is it possible to throw custom error message from API Gateway Lambda Authorizer
I have created an Lambda Authorizer for custom authorization in API Gateway. I need to throw custom error message like this.
{ errorCode: 'xyz_12#', errorType: 'Constraint error', errorMessage: 'Need permission to perform this action', statusCode: 401 }
Is it possible from lambda authorizer?
Yes. At the end of the example authorizer in the docs (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html), there is way to output optional data. Updating with your values, it would be something like this:
// Optional output with custom properties of the String, Number or Boolean type.
authResponse.context = {
"errorCode": "xyz_12#",
"errorType": "Constraint error",
"errorMessage": "Need permisssion to perform this action"
};
In the body mapping template, you'd access these as follows:
{"errorCode":"$context.authorizer.context.errorCode", "errorType": "$context.authorizer.context.errorCode"}
The one caveat here is that you can't specify the HTTP error code. The authorizer has to generate a 'Deny' policy which then results in an HTTP 403.
More discussion is available here: https://stackoverflow.com/questions/47921803
Relevant questions
Is it possible to throw custom error message from API Gateway Lambda Authorizer
asked a month agoClient API Throttling in API Gateway
Accepted Answerasked a year agoI'm getting {"message":"Forbidden"} when trying to access my lambda from custom domain in api Gateway
asked 5 months agohttp authorizer lambda permissions
Accepted Answerasked 2 months agoCan I use API Gateway cache invalidation with a custom authorizer ?
asked 4 months agocan we attach the custom domain to lambda function urls ?
Accepted Answerasked 25 days agoattach lambda authorizer to http API
asked 2 months agolimits with API gateway custom authorizer for number of requests
Accepted Answerasked 2 years agoAPI Gateway Cache Invalidation not working
asked 4 months agoIs it a good way to implement custom authorization logic(like an API call to validate header parameters) in Lambda Authorizers?
asked 20 days ago