I am building a web site as a part of a project of mine and I got a bit stuck.
I created an API Gateway that will help me communicate with my AWS Lambda (That is basically the backend side that is calling a text-to-speech model).
I believe my API Gateway is set properly, as when I try to test the POST method, I get back the expected result. However, when I try to access the API using the same request from my website directly, I get a 401 UNAUTHORIZED.
I can tell that the API Gateway testing does state that when triggered, they invoke the method directly and skip the authorization process which makes sense.
I tried setting an Authorizer from the Gateway interface, create an API-key for my API, but no success so far.
Any suggestions?
2
Answers
If your tests are successful from a standalone client, the 401 is likely due to a CORS error on the OPTIONS pre-flight request.
Follow the documentation to enable CORS on your API Gateway resource.
You need to create a usage plan under API GW and associate your key with the usage plan, then you will be able to access the API,
Don’t forget to pass the key as a header in your request, with header key-value pair "x-api-key: your-api-key" .
Read more about this here