After having logged in, you are not redirected to the API Management UI. The error message reads: "HTTP Status 403 - Forbidden. The server understood the request but refuses to authorize it."
If you are using CentOS on your API Management server, you might have run into a know firewall issue.
Change the firewall rules as to trust the Docker interface.
Your browser shows an ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
This may be a problem with your file permissions: If the file permissions are not set correctly, the container can not read the certificate.
Linux: Change the file permissions in your config folder to provide at least read-access:
chmod -R 644 api-mgmt/configs
An API Management update has failed and you need to restore a previously backuped installation.
API Management 7.4.0 comes with Kibana and all needed configurations. If you are updating an older installation of API Management to 7.4.0, the configurations of Kibana are missing.
If you want users to be able to use Kibana, do the following:
Step 1: Add a new role for Kibana to Keycloack
For users to be able to use Kibana, you need to create a dedicated role in Keycloack (including clients and client scopes).
Open your Keycloak URL, e.g. https://api.acme-corp.com:8445/auth/admin, and login to the administration console. The admin credentials have been defined during installation of API Management.
Select realm Apiman and go to section Clients.
Create a new client called kibana with the following settings:
Setting
Value
Name
kibana
Access Type
confidential
Valid Redirect URIs
https://<your API Management URL>:<your Kibana port>/oauth/callback
Go to Client Scopes and create a new scope kibana-scope and, within this scope, a new mapper kibana-audience-mapper with the following settings:
Tab
Setting
Value
Settings
Name
kibana-scope
Mappers
Name
kibana-audience-mapper
Mapper Type
Audience
Included Client Audience
kibana
Switch back to client kibana and go to tab Client Scopes.
Add the previously created scope kibana-scope to the list of Default Client Scopes.
Switch to Roles and create a new role kibanauser.
Step 2: Add the new role to some users
Go to section Users and assign the new role kibanauser to all users you want to be able to use Kibana as described on Managing Users and Permissions.
If you can't solve your problem with help of the documentation, you can file a ticket to our support team at support@scheer-pas.com. All mails to our support mailbox will open a ticket in our service desk. Optionally, you may use our service desk portal. There, you can manage your tickets and raise new support requests. Using the portal requires you to register your email address, which will not take much time.
To help you with your problem, our Support team needs some information on your software and environment. Please refer to Information to Include in a Support Request for more details on this.