How to set up the header in Postman for API Gateway authenticated with Cognito?
C

3

9

I use AWS Identity Pool with Facebook provider to authenticate the client. I need to invoke AWS Lambda using API Gateway. From Cognito, using the Facebook token, I received credentials: AccessKeyId, SecretKey and SessionToken.

Using these credentials, how should I set up the request header to invoke my Lambda?

Api Gateway setup (test calls my lambda)


I try to call my API, and it returns "The security token included in the request is invalid."


Thank you!

Colligate answered 24/10, 2017 at 21:3 Comment(0)
E
4

You have to manually set 'x-amz-security-token' in Postman and pass the token in that header.

Exhortative answered 25/10, 2017 at 8:44 Comment(0)
C
6

JoshuaC and Vijayanath Viswanathan thank you both. Following your suggestion I resolved the issue.

I did the following steps:

  1. Set up AWS Signature and click on "Update Request"

  2. Add the header "X-Amz-Security-Token" with the SessionToken

Colligate answered 25/10, 2017 at 19:20 Comment(5)
Hi @Alexander Karpov, tried the same setup as you did here. But I am facing the "The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method" error. Basically I am using federated identity and getting temporary creds and using them in Postman. - Positive
@Positive I guess you also need to provide the Session Token for Federated Identity. - Colligate
Thanks @Alexander for responding. Yeah, what you said is correct. How do you find the signature of your request? Because for that I need to have the string to sign, right? - Positive
@Positive I usually use the AWS SDK to get this information. Try to see the API for the CLI: docs.aws.amazon.com/cli/latest/reference/cognito-identity. Maybe it helps you. - Colligate
Can I do the same sending the user and pass but not the secret? - Rachellrachelle
T
3

Please try this for postman:

http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-use-postman-to-call-api.html

You choose the AWS Signature option in the Authorization drop-down, and fill out the fields using the key and secret, click update. Postman will sign the request for you.

And also make sure the role being assigned to your Cognito users has access to invoke apig.

Tendinous answered 25/10, 2017 at 8:45 Comment(0)
