In my searches of the forums, I found a similar post from 2019 for R80.20 but there didn't seem to be a resolution.

We recently upgraded to R81.20 Take 10 from R80.40 Multi-Domain Server

We do almost all of our policy management via API (100's of changes per day) mostly without issue.  Since the upgrade to R81.20 with now get Error 403, but only when logging into the MDS, all connections to specific domains works fine.

When logging into the MDS we get the following response:

Attempting to login to CheckPoint: (503) API returned invalid JSON: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>503 Service Unavailable</title> </head><body> <h1>Service Unavailable</h1> <p>The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.</p> </body></html>

We DO NOT get this error when logging into individuals domains.

Any idea on how to trouble shoot this?

api status returns:

API Settings:
---------------------
Accessibility: Require all granted
Automatic Start: Enabled

Processes:

Name State PID More Information
-------------------------------------------------
API Started 31776
CPM Started 31776 Check Point Security Management Server is running and ready
FWM Started 5274
APACHE Started 11186

Port Details:
-------------------
JETTY Internal Port: 60250
JETTY Documentation Internal Port: 53871
APACHE Gaia Port: 443

Profile:
-------------------
Machine profile: 65536-131071 without SME - MDS
CPM heap size: 12288m

--------------------------------------------
Overall API Status: Started
--------------------------------------------

API readiness test SUCCESSFUL. The server is up and ready to receive connections

Additional Info:

MDS is running deployed as the Check Point OVA in VMWare with the following specs:

12 Cores

96GB Memory

R81.20 Take 10