Disable the default endpoint for REST APIs - Amazon API Gateway

Disable the default endpoint for REST APIs

By default, clients can invoke your API by using the execute-api endpoint that API Gateway generates for your API. To ensure that clients can access your API only by using a custom domain name, disable the default execute-api endpoint. Clients can still connect to your default endpoint, but they will receive a 403 Forbidden status code. When you disable the default endpoint, it affects all stages of an API.

The following procedure shows how to disable the default endpoint for a REST API.

AWS Management Console
  1. Sign in to the API Gateway console at https://console.aws.amazon.com/apigateway.

  2. Choose a REST API.

  3. On the main navigation pane, choose API settings.

  4. Choose an API.

  5. On API details, choose Edit.

  6. For Default endpoint, select Inactive.

  7. Choose Save changes.

  8. On the main navigation pane, choose Resources.

  9. Choose Deploy API.

  10. Redeploy your API or create a new stage for the change to take effect.

AWS CLI

The following update-rest-api command shows how to disable the default endpoint:

aws apigateway update-rest-api \ --rest-api-id abcdef123 \ --patch-operations op=replace,path=/disableExecuteApiEndpoint,value='True'

After you disable the default endpoint, you must deploy your API for the change to take effect.

The following create-deployment command creates a deployment:

aws apigateway create-deployment \ --rest-api-id abcdef123 \ --stage-name dev