Problem

When a user/client attempts to access the URL https://<apim-host>:8089/ they are redirected to the Client Application Registry login page:

Resolution

This can be fixed by modifying the 'Client App Registry Protection Policy' in Policy Studio. To do this, open your configuration in Policy Studio and navigate to Environment Configuration > Listeners > API Gateway > OAuth 2.0 Services > Paths, The policy for the "/" endpoint should be called 'Client App Registry Protection Policy.'

There are a couple of different ways to resolve this:

1) For the OAuth "/" path, replace 'Client App Registry Protection Policy' with 'API Manager Protection Policy' which will cause the request to be redirected to the API Manager login page (if not already logged in).

OR

2) Supply your own policy for the OAuth "/" path. For example, you could have a policy that simply returns an HTTP 404 response.