KB-2047 Attempting to access Tempo after an upgrade results in a 403 Forbidden error for all users


After upgrading to a newer version of Appian, users experience a 403 Forbidden error when attempting to access Tempo regardless of authentication method or "Tempo Users" group membership. Users are still able to access the Admin Console, Designer, and Sites.


The newer version of Appian contains an updated whitelist-urlrewrite.xml file. The old whitelist-urlrewrite.xml file may have been copied over from the previous version rather than merged with the latest version.


Merge any customizations with the new default whitelist-urlrewrite.xml file in <APPIAN_HOME>\ear\suite.ear\web.war\WEB-INF\conf\security\uri (JBoss) or <APPIAN_HOME>\deployment\web.war\WEB-INF\conf\security\uri (Tomcat) and restart the application server. For more information on updating configuration files, refer to the documentation.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: January 2020