Menu
Amazon API Gateway
Developer Guide

Configure How an API User Calls an API Method in Amazon API Gateway

To use the API Gateway console to specify an API's method request/response and the way in which the method will authorize requests, follow these instructions.

Note

These instructions assume you have already completed the steps in Configure How a Method Is Integrated with a Back End.

  1. With the method selected in the Resources pane, in the Method Execution pane, choose Method Request.

  2. To assign custom access permissions to the method, in the Authorization Settings area, for Authorization Type, choose Edit, and then choose AWS_IAM. Only IAM roles with the correct IAM policy attached will be allowed to call this method. If you do not want to assign custom access permissions to the method, choose NONE.

    • To create the IAM role, specify an access policy with a format like the following:

      Copy
      { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "execute-api:Invoke" ], "Resource": [ "resource-statement" ] } ] }

      In this access policy, resource-statement is the value of the ARN field in the Authorization Settings section.

    To create the IAM role, you can adapt the instructions in "To create the Lambda invocation role and its policy" and "To create the Lambda execution role and its policy" in the Create Lambda Functions section of the Build an API to Expose a Lambda Function.

    To save your choice, choose Update. Otherwise, choose Cancel.

    Note

    You can also enable an API key. For instructions, see Use an API Key when Usage Plans Are Not Enabled.

  3. To add a query string parameter to the method, do the following:

    1. Choose the arrow next to URL Query String Parameters, and then choose Add query string.

    2. For Name, type the name of the query string parameter.

    3. Choose Create a new query string.

    Note

    To remove the query string parameter, choose Cancel or Remove.

    To change the name of the query string parameter, you must remove it and create a new one.

  4. To add a header parameter to the method, do the following:

    1. Choose the arrow next to HTTP Request Headers, and then choose Add header.

    2. For Name, type the name of the header parameter.

    3. Optionally, check the Caching option to make this method as an API cache key. For more information, see Use Method/Integration Parameters as Cache Keys.

    4. Choose Create

    Tip

    To remove the header parameter, choose Cancel or Remove.

    To change the name of the header parameter, you must remove the old header parameter and create a new one in its place.

  5. For non-GET method types, expand Request Models, and for Content Type and Model name, type the content type and choose the name of a model that will transform caller-supplied data into the expected format.

    To create a model, see Create a Model.

  6. To send a set of custom response headers, a custom response data format, or both, back to callers based on the HTTP status code returned by the method, do the following:

    1. In the Method Execution pane, choose Method Response. By default, 200 response is included in the method responses. You can modify it, e.g., to have the method return 201 instead. In addition, you can add other responses, e.g., 409 for access denial and 500 for uninitialized stage variables used. Either choose the arrow icon next to 200 to specify settings for the 200 response, or choose Add Response to specify settings for any other HTTP response status code. If you choose Add Response, for HTTP Status, choose the response, choose Create, and choose the arrow next to the response.

      Tip

      You will use Method Response to specify all possible response codes for your API and use Integration Response to indicate to API Gateway how back-end errors are mapped to an HTTP status code.

    2. For each custom header you want to include in the response, in the Response Headers area, choose Add Header, type the name of the header, and then choose Save. (Choose Remove to remove a header from this list.)

      To specify a response model to transform the output's data from one format to another, in the Response Models area, choose Add Response Model. Type the content type (for Content type), choose the model's name (for Models), and then choose Save. Choose Add Response Model to specify an additional model, or choose Create a model to define a new model. (Choose Remove to remove a response model selection from this list.)