Restricting Access To Swagger APIs For On Prem Orchestrator Due To Security Concern

News Knowledge Base
1

How to restrict access to swagger API?

Follow the below steps to block Swagger access:

  1. Go to the IIS Manager of your Orchestrator machine.
  2. Click on the local machine name (Orchestrator in the example below):

image.png

  1. Navigate to URL Rewrite and double-click URL Rewrite.
  2. Click Add Rule on the right-hand side:

1.png

  1. Double-click Request blocking.
  2. Configure the details in the Add request blocking rule page as shown below:

2.png

  1. Click OK.
  2. Restart the server.
  3. Now the Swagger page is blocked.