aws api 网关启用 api_key 进行身份验证

Question

I have added api_key to my rest api in aws api gateway for authenticating a GET request method.

My request is:

curl -X GET -H "x-amz-key: XXXXXXXXXXXXXXXXXXXXXXQklq4C7vbEGprA" "https://XXXXXXXXXXX.execute-api.ap-northeast-1.amazonaws.com/test/10/12/+"

I keep getting the following error:

{"message": "Forbidden"}

I am doing everything as the AWS docs mention. Can anybody point me to the right direction here, how to add api_key in request?

The same request works fine if api_key authentication is removed.

Answer 1

The name of the attribute is x-api-key not x-amz-key

From the doc

Callers must now add to each call a custom header named x-api-key, along with the value of the API key. For example, if the API key value is bkayZOMvuy8aZOhIgxq94K9Oe7Y70Hw55 , the custom header would be as follows:

 x-api-key: bkayZOMvuy8aZOhIgxq94K9Oe7Y70Hw55