How to secure lambda function

Hi,

I got lambda function to work for the first time! Now its is working the endpoint is public. How do I restrict access to the lambda function? I only want my app in the same domain to access to the lambda function. Is there anything I can configure to do that?

Thank you

Jake

Hi @zhex900, you’ll get this by default if you don’t add CORS headers. Other websites won’t be able to make requests to your functions if they are on different domains. If you need more security than this then you should probably pass a special token with all requests to your function that you verify in the function before processing the request. Note that CORS only applies to requests made from the browsers. Anyone can make requests from a backend server to your function even if you don’t have CORS setup to allow it.

1 Like