By using AWS re:Post, you agree to the Terms of Use

How to pass API Gateway authorizer context value as an HTTP header

0

I have a scenario where I need to send custom headers from the API gateway after successfully authorized using lambda authorizer.

From the authorizer, I will be sending the JSON policy return with the context JSON key-value pair as below.

{
  "principalId": "xxxxxxxxxx",
  "policyDocument": {
    "Version": "2012-10-17",
    "Statement": [
      {
        "Action": "execute-api:Invoke",
        "Effect": "Allow",
        "Resource": "*"
      }
    ]
  },
  "context": {
    "company_id": "xxxxx-xxx-xxxxxx",
    "Owner":"xxxxx",
  }
}

My question is, now I need to pass the context key-value pair as custom headers to the minimal API from the API gateway.

Can you please suggest to me how to achieve this, since I am started learning AWS a month ago and working on the same? It will be helpful if I get some suggestions from the people who worked on these scenarios before.

Note: Lambda function is deployed with .net 6 minimal API and API gateway resources call the deployed lambda

API gateway resources are lambda proxy enabled in the lambda integration part.

2 Answers
2

I am assuming you need to add the custom headers before you send the request to your backend. API Gateway lets you use mapping templates for this - https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-override-request-response-parameters.html

There is an example provided in this Support Knowledge Center article that gets into the weeds - https://aws.amazon.com/premiumsupport/knowledge-center/custom-headers-api-gateway-lambda/#:~:text=To%20pass%20custom%20headers%20from,from%20the%20original%20API%20request.

profile picture
EXPERT
answered a month ago
1

Hi, @Nirmal Kumar

I hosted the Minimal API with API Gateway + Lambda and experimented with passing the Lambda authorizer context value as a custom header for my request.

As a method, you need to disable Lambda proxy integration, customize the mapping template, and map the AuthorizerContext to the request header.

Please take a look at the detailed verification contents and methods summarized in the article. (I'm sorry in Japanese)

https://dev.classmethod.jp/articles/lambda-authorizer-context-minimalapi-custom-header/

profile picture
EXPERT
answered a month ago
  • Thanks a lot for the reply Iwasa.

    Do u have the source code for the same?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions