How do I troubleshoot 403 "Missing Authentication Token" errors from an API Gateway REST API endpoint?
Last updated: 2021-10-06
When I try to invoke my Amazon API Gateway REST API, I keep getting 403 "Missing Authentication Token" error messages. How do I troubleshoot these errors?
API Gateway REST API endpoints return Missing Authentication Token errors for two reasons:
- The API request is made to a method or resource that doesn't exist.
- The API request isn't signed when the API method has AWS Identity and Access Management (IAM) authentication turned on.
To troubleshoot the error, do the following.
Confirm that there's a method and resource configured in the API Gateway resource path
Important: You must deploy the API for the changes to take effect.
For APIs with a proxy resource integration
If the method request is sent to the root resource, then verify that there's a method configured under the root resource.
Confirm that the API request is signed if the API method has IAM authentication turned on
For more information, see Signing requests.
Confirm that you're sending the correct HTTP method request to the REST API endpoint
Testing a REST API endpoint from a web browser automatically sends a GET HTTP method request.
To test a POST HTTP method request, use a different HTTP client. For example: Postman or curl.
Example curl command that uses the POST HTTP method request
$ curl -X POST <API URL> -d <request body>