您正在使用来自 cognito 身份的Basic Authflow"，这意味着您需要通过调用 STS 的AssumeRoleWithWebIdentity"来为您的用户获取凭据.以下是一些帮助文档:http://docs.aws.amazon.com/cognito/devguide/identity/concepts/authentication-flow/

You are using the "Basic Authflow" from cognito identity, which means you will need to get credentials for your users by calling STS's "AssumeRoleWithWebIdentity". Here is some documentation to help: http://docs.aws.amazon.com/cognito/devguide/identity/concepts/authentication-flow/

拥有凭据后，您可以实例化 API 网关客户端:

Once you have credentials, you can instantiate the API Gateway Client:

var client = apigClientFactory.newClient({ 
    accessKey: ACCESS_KEY, 
    secretKey: SECRET_KEY, 
    sessionToken: SESSION_TOKEN });

密钥和令牌来自AssumeRoleWithWebIdentity"调用的结果.

The keys and tokens come from the result of the "AssumeRoleWithWebIdentity" call.

如果您已正确配置 IAM 角色和授权，您应该能够访问您的 API.

If you have configured your IAM roles, and Authorizations correctly you should be able to access your API.

这是描述如何配置角色的文档 &授权:http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-method-settings.html#how-to-method-settings-callers-console

Here is the documentation describing how to configure the roles & authorization: http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-method-settings.html#how-to-method-settings-callers-console

此外，这里是如何启用 CORS - http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-cors.html

Also, here is how to enable CORS - http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-cors.html