- Newest
- Most votes
- Most comments
The 403 Forbidden error indicates that the server understood the request, but it refuses to authorize it. This status is similar to 401 (Unauthorized), but indicates that the client must authenticate itself to get the requested response.
Hello,
I understand that you are observing 403 forbidden when calling the api endpoint using the apache client from inside the Lambda function. However, the mock integration works when you try to call it from postman.
Kindly note that API endpoint returns 403 forbidden in various scenarios for example when when the caller used an API key that's not valid for a method that requires an API key, the request is blocked by web application firewall, the caller's request URL includes a stage that doesn't exist, the caller uses the default execute-api endpoint to invoke a REST API after deactivating the default endpoint. However, I understand that you are not using any api key or WAF on the API.
Please find the complete details on troubleshooting 403 forbidden in the well-curated document here:
[+] https://repost.aws/knowledge-center/api-gateway-troubleshoot-403-forbidden
Additionally, if the Lambda function is inside a VPC, kindly confirm if Private DNS enabled on the execute-api VPC Endpoint in the same VPC as the Lambda function. This is another reason why you could be observing forbidden error on while trying to make the request to the API endpoint. To mitigate this issue, you can try removing the VPC endpoint if that is not being used by you or set up edge-optimized custom domain names or regional custom domain names to connect to your public APIs. Please find the complete details on the same here:
[+] https://repost.aws/knowledge-center/api-gateway-vpc-connections
If you require additional assistance , I would recommend you to reach out to AWS Premium Support by raising a Support Case using the same account with all the information.
Relevant content
- asked 5 years ago
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
In my method request settings, the Authorization is NONE for my mock api. What kind of authentication would I need to give ?