2

I wrapped the API made using Express with API Gateway. And I am using Cognito Userpool to authenticate API Gateway.

When I accessed that API using Angular2 http service, normal value returned. However, when authentication fails, it gets the following error.

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. The response had HTTP status code 401.

I correctly set up the header mapping, but this time I get this error.

When I access it using Postman, I get the following result.

{

 "message": "Unauthorized"

}

I also want this same result when accessing with Angular2.

Is that possible?

tomoya ishizaka
  • 653
  • 1
  • 5
  • 10

1 Answers1

0

Unfortunately in some error cases (such as 401/403) API Gateway will not return CORS headers, even if properly configured.

We are aware this is a pain point for customers and are working on a solution, but cannot commit to a time frame for when it would be available.

Bob Kinney
  • 8,870
  • 1
  • 27
  • 35
  • 1
    I understand.The correspondence of aws makes me sad. – tomoya ishizaka Apr 02 '17 at 16:38
  • @tomoyaishizaka any update on this issue yet? How did you solve it? – eldos Apr 10 '18 at 11:17
  • @eldos, have a look at solution for it here https://stackoverflow.com/questions/36913196/401-return-from-an-api-gateway-custom-authorizer-is-missing-access-control-allo/36922233 – Tng Apr 24 '19 at 01:20