Amazon API Gateway
Developer Guide

Use an API Key in API Gateway

You can use an API key in API Gateway to enable an API's methods. When you enable an API key, callers must supply it as part of the call.


  1. You must have an API available in API Gateway. Follow the instructions in Creating an API.

  2. You must have deployed the API in API Gateway at least once. Follow the instructions in Deploying an API.

Use an API Key with the API Gateway Console

To enable an API key with the API Gateway console, follow these instructions:

  1. Sign in to the API Gateway console at

  2. Choose the GET method under a resource of your choosing.

  3. Choose the Method Request box

  4. If API Key Required is set to false, choose the pencil icon next to it. From the drop-down menu list, choose true. Finally, choose the check-mark icon to save the setting.


    The steps above configures the API Gateway to enforce using API key. Otherwise, the API key created following the instructions below will not be used.
  5. In the secondary navigation bar, in the first list next to the console home button, choose API Keys.

  6. Choose Create API Key.

  7. For Name, type a name for the API key entry.

  8. (Optional) For Description, type a description for the API key entry.

  9. To enable the API key, select Enabled.

  10. Choose Save. Make a note of the key displayed in API key.

  11. For API Stage Association, for Select API, choose the name of the API.

  12. For Select stage, choose the name of the stage.

  13. Choose Add, and then choose Save.

  14. Callers must now add to each call a custom header named x-api-key, along with the value of the API key. For example, if the API key value is bkayZOMvuy8aZOhIgxq94K9Oe7Y70Hw55, the custom header would be as follows:

    x-api-key: bkayZOMvuy8aZOhIgxq94K9Oe7Y70Hw55


In addition to, or instead of, enabling an API key, you can restrict access to certain IAM users only. For instructions, see Configure How a User Calls an API Method.