1

Background

I'm trying to get GitHub OAuth but https://github.com/login/oauth/access_token endpoint for creating an OAuth access token does not support CORS requests from Web applications. In the comment it is said to "use AWS API Gateway to create your own authorization call", and I made an API with amplify add api.

Question

My API Gateway domain name in Endpoint configuration response with 403 while the URL of API and test running correctly.

  • API Gateway domain name has patter like "d-56789qwert.execute-api.eu-west-2.amazonaws.com${MAPPING_PATH}/${API_METHOD}/" (start with d-)
  • path is set to "test" and my "d-56789qwert.execute-api.eu-west-2.amazonaws.com${MAPPING_PATH}/${API_METHOD}/" (start with d-)
  • API URL has pattern "https://54321asdfg.execute-api.eu-west-2.amazonaws.com/staging/items" (without d-)
  • API added with amplify add api, @aws-amplify/cli version 6.1.0
  • Reponse body is {"message":"Forbidden"}, header has
x-amzn-ErrorType: ForbiddenException
x-apigw-api-id: GXt2RGr8TPEFECT=

(without d-)

Current workaround 2021oct06

Work around: use firebase.

What I did

  • Searched Stack Overflow, Youtube, Official Doc, Google. Asked in AWS Discord server.
  • Cheked the Official Document of ForbiddenException
  1. I don't have API Authorization(it's NONE);
  2. I don't have WAF;
  3. I have x-apigw-api-id in the response header;
  4. The default endpoint is not disabled.
Pablo LION
  • 1,294
  • 6
  • 20
  • if anyone ends up here ... chances are you might have hit this: 9. On custom domain names page, I select “API mappings → Configure API Mappings”. https://aws.plainenglish.io/custom-domain-for-aws-api-gateway-86d14e0d6024 i.e. forgot to add api mapping for a custom domain on aws. – Antonio Terreno Nov 10 '21 at 16:26
  • 1
    It's too heavy for to turn back to AWS now... I hope someone will test this, any maybe answer+close this question. – Pablo LION Nov 15 '21 at 18:25

0 Answers0