By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Is it possible to throw custom error message from API Gateway Lambda Authorizer

0

I have created an Lambda Authorizer for custom authorization in API Gateway. I need to throw custom error message like this.

{ errorCode: 'xyz_12#', errorType: 'Constraint error', errorMessage: 'Need permission to perform this action', statusCode: 401 }

Is it possible from lambda authorizer?

Topics
ServerlessComputeFront-End Web & MobileNetworking & Content Delivery
Tags
AWS LambdaAmazon API Gateway
Language
English
AWS-User-9476241
asked 2 years ago6126 views
1 Answer
1

Yes. At the end of the example authorizer in the docs (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html), there is way to output optional data. Updating with your values, it would be something like this:

    // Optional output with custom properties of the String, Number or Boolean type.
    authResponse.context = {
        "errorCode": "xyz_12#",
        "errorType": "Constraint error",
        "errorMessage": "Need permisssion to perform this action"
    };

In the body mapping template, you'd access these as follows:

{"errorCode":"$context.authorizer.context.errorCode", "errorType": "$context.authorizer.context.errorCode"}

The one caveat here is that you can't specify the HTTP error code. The authorizer has to generate a 'Deny' policy which then results in an HTTP 403.

More discussion is available here: https://stackoverflow.com/questions/47921803

profile pictureAWS
Corey
answered 2 years ago
  • naushad
    a year ago

    1. I have tried evrything and nothing works for me. I want to customize the error mesage in the lambda authorizer if the token is expired or malformed. Followed this post as well https://stackoverflow.com/questions/47921803 . This is the main problem

    2. Another wierd problem i am facing is that the callback with custom errors also does not work in simple lambda calls. I am really tired of this. can someone please guide how to resolve. It gives me InvokeError. secondary

    callback("unauthorized"); // not working return callback(new Error("JSON.stringify(myErrorObj)")); // not working

  • rberger-informedIQ
    a year ago

    This seems to only apply for the API Gateway V1 (REST) not for the V2 (HTTP) API Gateway. I really need something like this for the V2 API Gateway and a custom authorizer

  • willis
    9 months ago

    Should the mapping template be the following?

    {"errorCode":"$context.authorizer.errorCode", "errorType": "$context.authorizer.errorType"}

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content