3426022 - Swagger is forbidden due to 403 error

Symptom

If encountering 403 forbidden page when try accessing to the swagger on api endpoint, one possible situation is due to the IP filter setting, in this case it needs to add the IP/IP range to the whitelist by referring to help guide

This article talks about another possible situation, the error looks like below:

{"localServerName": "test.api.******.com", "remoteHost": "***.***.***.***", "identdUsername": "-",
"remoteUser": "-", "time": "[14/De
c/2023:06:42:35 +0000]", "responseTime": 2259, "requestFirstLine": "GET /rest/v2/swagger-ui/index.html HTTP/1.1", "distcrequest": "/ rest/v2/swagger-ui/index.html",
"status": "403", "bytes": "25768", "referer": "-",
"jSessionID": "-", "userAgent": "Mozilla/5.0 (Mac
intosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36", "cache status": "-"}

[Thu Dec 14 06:42:35.052448 2023] [security2:error] [pid 2717:tid 139800548944696] [client 93.94.71.94:51880] [client ***.***.***.***] M
odSecurity: Access denied with code 403 (phase 1). String match "/rest/v2/swagger-ui/index.html" at REQUEST_FILENAME. [file "/usr/10 cal/apache2/conf/httpd.conf"] [line "3948"] [id "1002"] [hostname "test.api.******.com"] [uri"/rest/v2/swagger-ui/index.html"]

Environment

SAP Commerce Cloud

Product

SAP Commerce Cloud all versions

Keywords

swagger-ui, Access denied with code 403 , KBA , CEC-SCC-CLA-CPO , Cloud Portal , CEC-SCC-COM-BC-WSC , Web Services Commons , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.