How do I deactivate the API Gateway default endpoint for REST or HTTP APIs?

3 minute read

I want to allow clients to invoke my APIs with only the custom domain name.

Short description

Amazon API Gateway REST APIs and HTTP APIs use a default API endpoint in the following format: https://API_ID.execute-api.REGION.amazonaws.com. If you use a custom domain name for your API Gateway REST or HTTP APIs, then you can deactivate the default endpoint. This allows all traffic to route to your APIs through the custom domain name.

Resolution

To deactivate the default endpoint, use the API Gateway console, AWS Command Line Interface (AWS CLI), or AWS CloudFormation. After you deactivate the default endpoint, you must initiate a deployment for the update to take effect.

Note: If you receive errors when running AWS CLI commands, make sure that you're using the most recent version of the AWS CLI.

API Gateway console

REST API

Open the API Gateway console.
In the navigation pane, choose APIs, and then choose your REST API.
In the navigation pane, choose Settings.
For the Default Endpoint, choose Disabled, and then choose Save Changes.
In the navigation pane, choose Resources, Actions, and then choose Deploy API.

HTTP API

Open the API Gateway console.
In the navigation pane, choose APIs, and then choose your HTTP API.
In the navigation pane, choose API: API_NAME(API_ID).
Choose Edit.
For the Default Endpoint, choose Disabled, and then choose Save.

AWS CLI

REST API
Run the AWS CLI command update-rest-api:

aws apigateway update-rest-api --rest-api-id abcdef123 --patch-operations op=replace,path=/disableExecuteApiEndpoint,value='True'

To deploy the updated API, run the AWS CLI command create-deployment:

aws apigateway create-deployment --rest-api-id abcdef123 --stage-name dev

Note: Replace api-id abcdef123 and stage_name dev with your REST API ID and respective stage.

HTTP API

Run the AWS CLI command update-api:

aws apigatewayv2 update-api --api-id abcdef123 --disable-execute-api-endpoint

To deploy the updated API, run the AWS CLI command create-deployment:

aws apigatewayv2 create-deployment --api-id abcdef123 --stage-name dev

Note: Replace api_id abcdef123 and stage_name dev with your HTTP API ID and respective stage.

CloudFormation template

To deactivate the default endpoint from a CloudFormation template, set the DisableExecuteApiEndpoint parameter to True. Update the CloudFormation template for a REST API or HTTP API.

Important: If you invoke the API with the default endpoint URL, then deactivating the default endpoint results in an error. You receive an HTTP 403 Forbidden error for REST APIs or an HTTP 404 Not Found error for HTTP APIs.

Related information

Invoking a REST API in Amazon API Gateway

How do I troubleshoot HTTP 403 errors from API Gateway?

Topics

Serverless Front-End Web & Mobile Networking & Content Delivery

Relevant content

Control access for invoking Rest API in API Gateway
Accepted Answer
Farzan
asked 4 years ago
API Gateway Websocket Integration with Rest Endpoint
rePost-User-2468307
asked a year ago
Do HTTP APIs have same IAM integrations as REST APIs?
Accepted Answer
Ed S
asked 4 years ago
Using custom REST endpoint URLs for API Gateway
anjanesh
asked 10 months ago
CloudFront for HTTP API Gateway with disabled default endpoint
rePost-User-5267178
asked a year ago
How do I troubleshoot API Gateway REST API endpoint 403 "Missing Authentication Token" errors?
AWS OFFICIALUpdated 7 months ago
How do I pass data through an API Gateway REST API to a backend Lambda function or HTTP endpoint?
AWS OFFICIALUpdated 2 years ago
How can I troubleshoot missing CloudWatch logs for API Gateway REST APIs?
AWS OFFICIALUpdated 2 years ago
How do I migrate API Gateway REST APIs between AWS accounts or Regions?
AWS OFFICIALUpdated 3 years ago
Implementing request parameters validation in Amazon API Gateway REST API with Cloud Development Kit (CDK)
EXPERT
Vihang Shah
published 4 months ago