How to return 404 http response status code for access denied services - Rest API


Is any one knows how to assign 404 http response code for those api methods restricted at server port level.

Ex: post method

pub.flow:setResponseCode check this if helps?

Hi Mahesh,

It couldn’t help bcz the method / application code is never getting invoked. The request stops at server level.

I am providing more inputs here…

We are allowing only _get method in one of the IS. As part of vulnerability testing some requests are sent by _post method. By default our IS is returning 403 response code back to those unauthorized service requests. But they want 404 response code.

Chandra, for invoking a wrong method, response code must be 405…

I am not sure when you meant, “api methods restricted at port level”.

API methods are not restricted at port, but the tokens that are issued will have scopes attached to it and it is allowed only for granted http methods. Do not try to wrap the response code or customize it. API gateway handles it.