0 votes
1 view
in AWS by (16.7k points)

From API Gateway, I created a custom authorizer for my API using Lambda function in python. API Gateway hands over the incoming auth token using a header I configure(method.request.header.Authorization). However, I also need the other headers of the original http request inside my lambda function. How do I access them? I did not see the headers on event object input to my lambda function. 

As per AWS Documentation, API Gateway calls Custom Authorizer with below input. Base on the below, I assume my ask is not possible. But want to check if there is a workaround. 

{

    "type":"TOKEN",

    "authorizationToken":"",

    "methodArn":"arn:aws:execute-api:<regionId>:<accountId>:<apiId>/<stage>/<method>/<resourcePath>"

1 Answer

0 votes
by (39.6k points)

You can the Authorizer of type “Request to do this instead of a Token.

This documentation on Use API Gateway Lambda Authorizers has all the details.

All headers have to be passed onto the event object for a Requestion authorisation.

That is headers object on event  

    "headers": {

        "X-wibble": "111",

        "X-wobble": "222",

        "x-amzn-ssl-client-hello": "*Deleted*",

        "Via": "1.1 .cloudfront.net (CloudFront)",

        "CloudFront-Is-Desktop-Viewer": "true",

        "CloudFront-Is-SmartTV-Viewer": "false",

        "CloudFront-Forwarded-Proto": "https",

        "X-Forwarded-For": "*Deleted*",

        "CloudFront-Viewer-Country": "GB",

        "Accept": "*/*",

        "User-Agent": "curl/7.55.1",

        "X-Amzn-Trace-Id": "Root=*Deleted*",

        "Host": "*Deleted*.execute-api.eu-west-1.amazonaws.com",

        "X-Forwarded-Proto": "https",

        "X-Amz-Cf-Id": "*Deleted*",

        "CloudFront-Is-Tablet-Viewer": "false",

        "X-Forwarded-Port": "443",

        "CloudFront-Is-Mobile-Viewer": "false"

    }

...