API Gateway using serverless-domain-manager returns 403 error

When I use the custom domain https://api-dev.testapp.net or if I use the actual API Gateway generated URL the request returns an error:

    OPTIONS https://api-dev.testapp.net/dev/locations 403 ()

    Failed to load https://api-dev.testapp.net/dev/locations: Response to preflight request doesn't pass access 
    control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 
    'https://xxxxx0f67xxxxxe7963c04cxxxxx23bf.vfs.cloud9.us-east-1.amazonaws.com' is therefore not allowed 
    access. The response had HTTP status code 403. If an opaque response serves your needs, set the 
    request's mode to 'no-cors' to fetch the resource with CORS disabled.

I have set up an API where each path is a microservice, all pointing back to a custom domain name. Each stage also has a different domain.

I am using Cognito for user authentication and as far as I can tell the authentication is functioning properly.

Here is a sample of my serverless.yml:

    service: testapp-location
    plugins:
      - serverless-domain-manager

    custom:
      stage: ${opt:stage, self:provider.stage}
      domains:
        prod: api.testapp.net
        test: api-test.testapp.net
        dev: api-dev.testapp.net

    customDomain:
      basePath: "locations"
      domainName: ${self:custom.domains.${self:custom.stage}}
      stage: "${self:custom.stage}"
      createRoute53Record: true

    package:
      include:
        - models

    provider:
      name: aws
      runtime: nodejs6.10
      stage: ${opt:stage, 'dev'}
      environment:
        DATABASE_HOST: ${file(../../config/api/${self:provider.stage}.config.json):DATABASE_HOST}
        DATABASE_NAME: ${file(../../config/api/${self:provider.stage}.config.json):DATABASE_NAME}
        DATABASE_USERNAME: ${file(../../config/api/${self:provider.stage}.config.json):DATABASE_USERNAME}
        DATABASE_PASSWORD: ${file(../../config/api/${self:provider.stage}.config.json):DATABASE_PASSWORD}
      region: us-east-1

I have confirmed that the Route 53 entry has been set up and is pointing to the CloudFront distribution.
The base path mappings are also set up and the custom domains have valid TLS certs attached to them.

Things should be working, but I think I need a hand debugging this. Any help would be appreciated.

It’s a CORS error. Make sure you’re setting Access-Control-Allow-Origin to * or https://xxxxx0f67xxxxxe7963c04cxxxxx23bf.vfs.cloud9.us-east-1.amazonaws.com
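
An added example, not part of the original question or answer: one way to set `Access-Control-Allow-Origin` from a Node.js Lambda handler using an exact-match origin allowlist instead of `*`. It assumes a Lambda proxy integration with the OPTIONS method routed to the function and no Cognito authorizer on OPTIONS (a preflight carries no token); `ALLOWED_ORIGINS`, `listLocations` and the `app.example.test` origin are hypothetical names and constructed values.

```javascript
// Added example: origin allowlist for a Lambda proxy integration behind API Gateway.
// ALLOWED_ORIGINS is a hypothetical environment variable; the default is a
// constructed placeholder, not the origin from the question.
const ALLOWED_ORIGINS = (process.env.ALLOWED_ORIGINS || 'https://app.example.test')
  .split(',').map((o) => o.trim()).filter(Boolean);

// Build CORS headers for one request. Only an exact allowlist match is echoed back;
// any other origin gets no Access-Control-Allow-Origin, so the browser blocks the read.
function corsHeaders(origin) {
  const headers = { Vary: 'Origin' }; // caches must not reuse a response across origins
  if (origin && ALLOWED_ORIGINS.includes(origin)) {
    headers['Access-Control-Allow-Origin'] = origin;
    headers['Access-Control-Allow-Methods'] = 'GET,POST,OPTIONS';
    // Authorization carries the Cognito token; it must be listed explicitly.
    headers['Access-Control-Allow-Headers'] = 'Authorization,Content-Type';
    headers['Access-Control-Max-Age'] = '600';
  }
  return headers;
}

// Header names can arrive in any case, so look the origin up case-insensitively.
function requestOrigin(event) {
  const h = event.headers || {};
  const key = Object.keys(h).find((k) => k.toLowerCase() === 'origin');
  return key ? h[key] : undefined;
}

// Hypothetical stand-in for the real database lookup.
function listLocations() {
  return [];
}

function handle(event) {
  const headers = corsHeaders(requestOrigin(event));
  // Preflight: answer without running business logic.
  if (event.httpMethod === 'OPTIONS') {
    return { statusCode: 204, headers, body: '' };
  }
  try {
    return { statusCode: 200, headers, body: JSON.stringify({ locations: listLocations() }) };
  } catch (err) {
    // Errors need the same headers, or the browser reports a CORS failure
    // and hides the real status code from the calling script.
    return { statusCode: 500, headers, body: JSON.stringify({ message: 'Internal error' }) };
  }
}

const handler = async (event) => handle(event);
if (typeof module !== 'undefined') module.exports = { handler };
```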