By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS SNS SES notifications to basic-auth HTTPS endpoint always sent twice

1

I have a setup to receive AWS SES Open notifications via SNS to a HTTPS endpoint of our web app. I followed the documentation and set it up with basic-auth https://docs.aws.amazon.com/sns/latest/dg/sns-http-https-endpoint-as-subscriber.html.

All notifications from AWS arrive two times, the first time without the basic-auth header, but full payload, and the second time with basic-auth header. Here a redacted dump of what AWS sends and how we respond when I open an email with tracking pixel https://gist.github.com/mklinik/29de83fe88a5c873db9b232a6f752760

Is this the expected behaviour?

Topics
Application IntegrationFront-End Web & MobileBusiness Applications
Tags
Amazon Simple Notification Service (SNS)Amazon Simple Email Service
Language
English
Markus
asked 3 years ago1.1K views
1 Answer
1

Maybe someone else can answer the SES-specific implementation details pertaining to your question, so take my following answer with a grain of salt.

Basic auth is a challenge-response mechanism, so it is generally considered best practice to only send credentials when prompted. This allows for redirects to occur for example (e.g. upgrade the connection to HTTPS if initiated over HTTP), so the credentials only being sent when necessary.

AWS
Jesse_T
answered 3 years ago
  • kliakos
    a year ago

    Would be really handy if SNS could do preemptive authentication, like most http clients support. Would save both sides from duplicate requests.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content