HCL Commerce REST API documentation contains a list of resources that are provided by the HCL Commerce REST API. Each REST resource contains information such as URLs, descriptions, and sample input and output data.
  • For security reasons, Swagger should not be exposed in your live production environment.

    You can restrict it from being exposed in the following ways:

    • If the REST API ports are not required to be exposed externally, ensure that they are blocked by your firewall rules. These ports include 5443, 9443, 8000, 30800, and 30900.
    • If you need to expose these ports:
      1. Disable the REST Discovery API for the Transaction server. For more information, see Enabling and disabling the REST Discovery API.
      2. Ensure that you configure your web server to block access to the following swagger endpoints:
        • https://<hostname>:5443/wcs/resources/api.
        • https://<hostname>:8000/rest/admin/v2/swagger.
        • https://<hostname>:9443/commerceue/extension/api.
        • https://<hostname>:30900/search/resources/v3/api-docs
        • https://<hostname>:30800/v3/api-docs