How to Put A .txt File Into The Root of AWS API Gateway Domain

Vlad Holubiev
Published in Shelf Engineering
Dec 28, 2019

Some services require you to put a file (usually a .txt one) into the root of your domain to prove you own it. When your API runs on a server, it’s a pretty straightforward task, but not so much when your API is Serverless and runs on AWS API Gateway.

Let’s imagine your API lives under the api.example.com domain and you need to serve a file at the api.example.com/verification.txt path.

In this tutorial, you will create a mock API, generate a response model for the text/plain content type and set up a base path mapping.

A step-by-step guide with screenshots

1. Create a new REST API in the AWS API Gateway Console

TLDR: Choose “Import from Open API 3”, paste the YAML from the end of this post and go to step 7.

If you want to understand how it works and what’s involved, keep reading.

2. Go to the “Models” section on the left and create a new model with MIME-type text/plain. This is needed if we want to serve .txt files properly.

Model schema is identical to the built-in “Empty” Model schema

3. Create a new GET method with integration type “Mock”

4. Click on “Integration Response” to configure default mapping templates

Right now the mapping template for status code 200 is defined for Content-Type application/json. Let’s delete it and create a new one for the Content-Type text/plain, then put the .txt content we want to serve there.

Replace “hello world” with the content of the verification.txt you want to serve

5. Change response headers from application/json to text/plain

Click on the “Method Response”

Let’s delete settings for a JSON response.

And replace it with a text response.

6. Make sure our API serves our text content with correct headers

7. Set up base path mapping for your custom domain

Here we ask to route api.example.com/verification.txt to our fresh API GW

8. Verify it works
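
A scripted version of the checks in steps 6 and 8, as an added example that is not part of the original post: it confirms status 200, a text/plain Content-Type and the expected body. The function names and the script file name are assumptions of this example.

```python
import sys
import urllib.error
import urllib.request
from email.message import Message


def check_response(status, headers, body, expected_text):
    """Return a list of problems; an empty list means the file is served correctly.

    headers is an iterable of (name, value) pairs and body is raw bytes.
    """
    problems = []
    if status != 200:
        problems.append(f"status is {status}, expected 200")

    # Header names are case-insensitive and the value may carry parameters
    # such as "; charset=utf-8", so parse the header instead of comparing strings.
    msg = Message()
    for name, value in headers:
        msg[name] = value
    ctype = msg.get_content_type() if msg["Content-Type"] else None
    if ctype != "text/plain":
        problems.append(f"Content-Type is {ctype!r}, expected 'text/plain'")

    # The mapping template in the tutorial ends with "\n"; ignore only a
    # trailing line break when comparing the body.
    text = body.decode("utf-8", errors="replace")
    if text.rstrip("\r\n") != expected_text.rstrip("\r\n"):
        problems.append("body does not match the expected verification content")
    return problems


def fetch_and_check(url, expected_text, timeout=10):
    """Fetch url over the network and run check_response on what comes back."""
    try:
        resp = urllib.request.urlopen(url, timeout=timeout)
    except urllib.error.HTTPError as err:
        resp = err  # 4xx/5xx replies still carry a status, headers and a body
    with resp:
        return check_response(resp.getcode(), resp.headers.items(), resp.read(), expected_text)


if __name__ == "__main__":
    # Usage (assumed file name): python check_verification.py URL "expected content"
    issues = fetch_and_check(sys.argv[1], sys.argv[2])
    print("\n".join(issues) or "OK")
    sys.exit(1 if issues else 0)
```

A non-zero exit code makes the script usable as a post-deployment check, so a later change to the mapping template or the base path mapping is caught before the verifying service rejects the domain.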

Afterword

One situation where this is needed is the Chimera Web Scanner, which is a required step when you submit your app for the Salesforce AppExchange Security Review.

Here is an OpenAPI 3.0 definition of the exported API (also available as a GitHub Gist).

openapi: "3.0.1"
info:
  title: "demo-test-verification"
  version: "2019-12-27T23:52:02Z"
servers:
- url: "https://xxx.execute-api.us-east-1.amazonaws.com/{basePath}"
  variables:
    basePath:
      default: "/prod"
paths:
  /:
    get:
      responses:
        200:
          description: "200 response"
          content:
            text/plain:
              schema:
                $ref: "#/components/schemas/Text"
      x-amazon-apigateway-integration:
        responses:
          default:
            statusCode: "200"
            responseTemplates:
              text/plain: "hello world\n"
        passthroughBehavior: "when_no_match"
        requestTemplates:
          application/json: "{\"statusCode\": 200}"
        type: "mock"
components:
  schemas:
    Text:
      title: "Empty Text Schema"
      type: "object"
