Custom authorizer error not returned to client

I am running into some issues when using a custom authorizer for my Serverless Framework endpoints.

I followed the docs listed here: and I am able to get my requests to go through if the user is authenticated and they are rejected if the token is invalid so all good there.

My issue is that, from my authorizer handler, I return return new Error('[401] Unauthorized') if the token is invalid, but that doesn’t seem to make its way to the client. As per the docs ( I would expect the client to receive a response of 401 but instead they get a 500 with a payload of {"message":null}.

Any help would be greatly appreciated. Thanks!

Those status codes only apply to Lambda’s handling requests from the API Gateway and not the custom authorizers. See for an example of how to trigger a 401 response from a custom authorizer.