By default, clients can invoke your API by using the execute-api
endpoint that API Gateway generates for
your API. To ensure that clients can access your API only by using a custom domain name, disable the default
execute-api
endpoint. Clients can still connect to your default endpoint, but they will receive a
403 Forbidden
status code. When you disable the default endpoint, it affects all stages of an API.
The following procedure shows how to disable the default endpoint for a REST API.
Sign in to the API Gateway console at https://console.aws.amazon.com/apigateway
. Choose a REST API.
On the main navigation pane, choose API settings.
Choose an API.
On API details, choose Edit.
For Default endpoint, select Inactive.
Choose Save changes.
On the main navigation pane, choose Resources.
Choose Deploy API.
Redeploy your API or create a new stage for the change to take effect.