This article addresses a common issue when testing AWS API Gateway locally with SAM: the 403 Forbidden error on OPTIONS queries. It investigates why the problem occurred, specifically the "Missing Authentication Token" message in the local environment. Solutions prioritize appropriate CORS settings and setting the AuthorizationType to "NONE".