Skip to main content

Set up API Gateway

1) Create a REST API Gateway#

We will be using AWS API Gateway to create a REST API that will be used to communicate with our Lambda functions.

Create API gateway step UI

2) Set up auth routes#

Create a /auth resource and then /auth/{proxy+} resources. This will act as a catch-all for all supertokens auth routes. Enable CORS while creating the proxy resource.

Create proxy route step UIRoute creation complete step UI

3) Attach lambda to the ANY method of the proxy resource#

Click on the "ANY" method and then "Integration" to configure the lambda function. Check Lambda proxy integration and then select your lambda function.

Configure lambda integration UI

4) Enable CORS for the proxy path#

Click on the {proxy+} resource and then "Enable CORS" button to open the CORS configuration page.

Enable CORS for the proxy path UI
  • In the CORS configuration page do the following:
    • Select the 'Default 4XX' and 'Default 5XX' checkboxes under Gateway responses
    • Select the 'OPTIONS' checkbox under Methods
    • Add rid,fdi-version,anti-csrf,st-auth-mode to the existing Access-Control-Allow-Headers
    • Set Access-Control-Allow-Origin to '<YOUR_WEBSITE_DOMAIN>'
    • Select Access-Control-Allow-Credentials checkbox
CORS configuration page

4) Deploy the API Gateway#

Click the Deploy API button in the top right corner to deploy the API. During deployment, you'll be prompted to create a stage; for this tutorial, name the stage dev. After deployment, you will receive your Invoke URL.


Update apiDomain, apiBasePath, and apiGatewayPath in both Lambda configuration and your frontend config if they have changed post API Gateway configuration.