AWS API Gateway: Solving Missing Authentication Tokens

Last Updated on 02/22/17

As you’ve been working on setting up new endpoints via API Gateway, dealing with authentication errors can be pretty frustrating. The test method inside Method Execution might run fine, but you can’t access your new endpoint on the internet. The JSON returned from your endpoint might look like the following:

{
  "message": "Missing Authentication Token"
}

When this happens, there are three areas to check that will save you some debugging headaches.

Forgetting to Deploy

While you have tested your endpoint in the console and seen the results you wanted, you need to deploy your changes as well. Using the Gateway’s built-in deploy functionality allows for you to publish new changes to the Internet. Without doing this, you’ll never be able to see your API in the real world.

api gateway select actions

Navigate to your API and click on the Actions tab as seen in the screenshot above. Click on Deploy API, where it will bring you to a configuration modal. If you already have set up stages, deploy to the one of your choosing, but if not, create one with whatever name you’d like. Leave a note if you’d like, but otherwise you’re all set with the deploy!

api gateway select deploy stage

Don’t forget, for every change that you make, you need to redeploy your API to make sure that those changes get published to the Internet.

If you are unsure of how to get the URL for your endpoint, keep reading below to see how to find it.

Incorrect URL String

This might seem elementary, but first double check that you are using the entire URL for the endpoint that you want. A common mistake that users make is that they copy a portion of the Gateway url but miss the ending for that specific endpoint. Navigate to the Stages section of your API, and then click on the HTTP method for the endpoint you want. Once that comes up, you’ll see the full URL path highlighted in blue as shown below.

api gateway stages

To test this out, you can curl the URL or toss it in your browser location window to see if it works. If it does, you’re golden! If not, continue to the next section to check one last thing.

API Authorization

If you’ve made it this far, you’ve verified that your URL path is correct and that the latest version of your API is deployed. There is one more thing to check - the authorization settings.

I am not referring to the API Keys you can add to your endpoint, those return a separate error when not attached correctly. To check, let’s first navigate to the Method Execution of your endpoint as shown.

api_gateway_method_execution

From there, you’ll see the field Authorization. Make sure that the field is set to NONE. If you change it, be sure to click the little check mark to confirm it, and don’t forget to redeploy your API so that the new changes persist to the world. If you don’t, your request will still fail.

api gateway authorization view

At this point, take your endpoint and either curl or put it inside your browser to verify it works. Following these steps should solve your Missing Authentication Token problems, but if it doesn’t, let me know here and I’ll help you debug it!