How to access HTTP headers for request to AWS API Gateway using Lambda?

I see in the API Gateway FAQ that it is possible to access the request headers sent to the API Gateway...

If you already utilize OAuth tokens or any other authorization mechanism, you can easily setup API Gateway not to require signed API calls and simply forward the token headers to your backend for verification.

However, I can find no example of how to do so in the documentation and it is unclear how to access this data using Lambda.

I am able to set up an open API and gain access to the JSON object that is part of a POST (Walkthrough: API Gateway and Lambda Functions), but in order to implement a OAuth 2.0 style API with my own provider I need access to the "Authorization" header.

My preference is to set this up using Lambda and Java 8, but an example using node.js would also be helpful in understanding how to accomplish this.


Solution 1:

You can use the following Mapping Template in the Integration Request to generically map all path, query, and header parameters into the Lambda event. You will still need to register them in the Method Request section of the API Gateway but you can at least decouple the Mapping Template from the specific parameters you want to use. This way you don't have to change the Mapping Template code each time you change headers, query, or path parameters.

I wrote a blog post that gives more detail and some explanation of the Mapping Template: http://kennbrodhagen.net/2015/12/06/how-to-create-a-request-object-for-your-lambda-event-from-api-gateway/

Here is the Mapping Template you can use:

{
  "method": "$context.httpMethod",
  "body" : $input.json('$'),
  "headers": {
    #foreach($param in $input.params().header.keySet())
    "$param": "$util.escapeJavaScript($input.params().header.get($param))" #if($foreach.hasNext),#end

    #end
  },
  "queryParams": {
    #foreach($param in $input.params().querystring.keySet())
    "$param": "$util.escapeJavaScript($input.params().querystring.get($param))" #if($foreach.hasNext),#end

    #end
  },
  "pathParams": {
    #foreach($param in $input.params().path.keySet())
    "$param": "$util.escapeJavaScript($input.params().path.get($param))" #if($foreach.hasNext),#end

    #end
  }  
}

Solution 2:

First, you need to trap the Authorization header from the HTTP GET request. Then you need to map that value to the Lambda event object.

Go to the API method dashboard and click on Method Request. In there you can add an HTTP Request Header called Authorization as shown below.

HTTP Request Headers

This will trap the Authorization header so you can use it later.

Now go back to the method dashboard and click on Integration Request. From here you can pass the value of the header into the Lambda function by using a mapping like this.

{
    "Authorization": "$input.params('Authorization')"
}

Now in your Lambda function you can get the value like this.

event.Authorization

Solution 3:

You need to create input mapping inside Integration Request panel on the dashboard screen describing your API method.

Following code translates name query input parameter into Lambda Event input object:

{
   "name": "$input.params('name')"
}

Screenshot:

API Dashboard screenshot

You can find more info about this in the original API Gateway to Lambda input thread on AWS Forums.