Problem

Due to security reasons, with the SecureTransport-5.5-20211216 release, the reference documentation for SecureTransport REST API versions 1.0, 1.1, 1.2, and 1.3 is disabled out of the box and delivered in the form of zip archives that can be extracted and served by ST. Although not advisable, you can enable it and use it at your own risk. With older versions of SecureTransport, the documentation is still enabled out of the box but the more secure and recommended option is to disable it.

With SecureTransport 5.5-20230727 the documentation zip files are no longer bundled in the SecureTransport installation in order not to trigger security scan alerts. They are available as attachments in this KB Article. If needed for reference, this documentation is recommended to be extracted and browsed locally and not deploying them on the SecureTransport server.

Resolution

By default, the SecureTransport REST API documentation is located in two separate places as follows:

For Administrators: $FILEDRIVEHOME/tomcat/admin/webapps/api/{$API_VERSION}

For End Users: $FILEDRIVEHOME/share/ftdocs/html/docs/api/{$API_VERSION}

In each of these folders, there’s a docs folder that contains the reference documentation for the corresponding SecureTransport REST API.

SecureTransport 5.5

After installing the ST 5.5 December 2021 release, the reference documentation for all older versions of the REST API gets disabled. To enable the display of documentation, go to the corresponding REST API documentation folder, where you can find the docs folder, along with the archive docs-enabled.zip that you need to extract to make the documentation visible. You can disable it again by extracting the docs-disabled.zip archive. Make sure that you also replace the docs folder's content.

The following example commands can be used to extract the archives into the docs folder, overwriting its content.

To enable:

unzip -o docs-enabled.zip -d docs/

To disable:

unzip -o docs-disabled.zip -d docs/

SecureTransport 5.4 (and older)

By default, the REST API documentation for the older versions of the SecureTransport REST API is enabled and visualized. To disable the display of the documentation for either the Administrator or the End-User REST API, you need to archive the docs folder content. To do so, you can use the following example command.

zip -rm docs-disabled.zip docs/

If, by any reason, you need to re-enable the visualization of the reference documentation, you can extract the archive using the unzip command.

unzip docs-disabled.zip && rm -f docs-disabled.zip

Note for Windows instances

When ST is installed on Windows, the above commands will not work. You will need to use a suitable archiving program to repeat the above steps in a manner suitable for the Windows OS and your environment. In case you are on an older version of ST and you are disabling the API documentation, keep in mind to delete the files in the docs folder once you've created the docs-disabled.zip archive.