Getting error: Missing Authentication Token after AWS API request

Question

I am trying to call a Lambda Function through AWS API Gateway.

I've been getting this error when I tried IAM authentication, API Key Authentication and also with no authentication.

{"message":"Missing Authentication Token"}

Some people had the same problem due to non existing endpoint. However, I've taken my endpoint directly from the Lambda Function AWS Console.

I've been trying to open the URL in the Browser and also on the Postman (with and without a header authentication: x-api-key: *****************).

Both responded with above stated error.

Does this work if you set up the API first in API Gateway and then add the Lambda function to the API? — RyanG, May 09 '16 at 18:06
AWS has a strange, inconsistent vocabulary. Sometimes when AWS says "authentication" it means "resource" and sometimes when AWS says "token" they mean "path". So you have to translate "Missing authentication token" to "Missing resource path". — NeilG, Aug 18 '23 at 16:12

score 19 · Answer 1 · edited Nov 23 '16 at 07:38

19

One more step: in Postman, you need to set the Authorization to AWS Signature, and then enter your AccessKey and SecretKey from your IAM user:

Postman screenshot

edited Nov 23 '16 at 07:38

V-rund Puro-hit

5,518
9
31
50

answered Nov 22 '16 at 22:24

John Haller

191
1
4

It works! While testing in Postman ensure Request body is set to Raw (application/json). I had forgotten about it. :p – Niraj Kumar Nov 22 '18 at 12:38
16

Why would you need to set AccessKey/SecretKey if OP specific Authorization as NONE? – alex Apr 28 '21 at 17:15

score 8 · Answer 2 · answered Dec 02 '16 at 22:55

I'll write up a detailed FAQ here for any viewers. Ordered by most common cause.

Incorrect resource path and/or HTTP method.
- If you have the right resource path and the wrong HTTP method, you'll still see this message
- You can use Postman or some other client to sign a request to the same resource/method and if you get a 404 then you definitely have the wrong resource/method.
Missing signature on protected resource/method. By default, your API will be open. If you have explicitly required AWS Auth then the error indicates that the request wasn't signed.
If you're using the Lambda console to create an 'API Endpoint' it may be an issue on the Lambda end, or a delay in the propagation of the new API. In this case go to the API Gateway console and you should see the same API that Lambda created for you. Make sure it has been deployed and you have the right stage, resource path, and method.

score 4 · Answer 3 · answered Feb 16 '20 at 20:21

4

Just wanted to mention that if you set your API gateway's authentication to be NONE, make sure you need to Deploy API first before the no authentication setting is in effect.

answered Feb 16 '20 at 20:21

saber47

41
3

Thank you, this saved my day. I take the chance to express my frustration on how horrible the AWS API Gateway DX is – Alexander Fortin Nov 10 '21 at 09:26

score -2 · Answer 4 · answered Jun 09 '16 at 11:58

-2

You need to set Api Key Required to true. See more here: http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-api-keys.html

answered Jun 09 '16 at 11:58

Mbrevda

2,888
2
27
35

1

The behavior for Api Key Required = false is not to throw a 403 error. The other answers are correct, this is more to do with either a) wrong resource/method b) missing creds on protected resource/method – jackko Dec 02 '16 at 22:48

score -2 · Answer 5 · answered Dec 12 '16 at 19:48

-2

You have to Enable CORS from the actions for the API. This will create a new OPTIONS method. CORS is for cross domain requests

answered Dec 12 '16 at 19:48

Atihska

4,803
10
56
98

Getting error: Missing Authentication Token after AWS API request

5 Answers5