Identifying errors in API Gateway

I understood I can assign http status according to regex matched on response from lambda function.

For example I have API call to login user to Cognito which throws error on invalid credentials with code NotAuthorizedException and message Incorrect username or password. and I wonder how to categorize it as error 401.

I added prefix [401] to the message and APIG settings below ensures that the API call really ends with code 401 and message {"message": "[401] Incorrect username or password.","code": "NotAuthorizedException"}.

"responses": {
  ".*401.*": {
    "statusCode": "401",
    "responseModels": {},
    "responseTemplates": {
      "application/json": "{\"message\": \"$input.path('$.errorMessage')\",\"code\": \"$input.path('$.errorType')\"}"

But I would be happier if that [401] prefix isn’t propagated to the user (so that he gets only {"message": "Incorrect username or password.","code": "NotAuthorizedException"}. Is it possible to remove it from the message afterwards or somehow identify the error without altering the message?

I guess I can look for error codes directly in the regex (something like .*(NotAuthorizedException|UserNotFoundException).* - But will the disjunction work? I didn’t see it in any example) but I would have to specify the response for each lambda function again and again (now I use template according to

Well, simply I’ m not sure what’s the best approach and welcome any suggestions. ;o)

We’re currently discussing this functionality here:

Basically so you’re able to add your own regexes

1 Like