I am not sure how are you suggesting to route the call on 443 to 8089. Current Development env app server is standalone. It however is behind our firewall and IP is NATed. We have validated that firewall is not an blocker. 

Please elaborate the option.

If you are using a load balancer you can only route 443 to a single destination.

I'm guessing that you want to expose the Splunk UI to end users and use https.

The Splunk UI by default runs on port 8000 (which you can change), but unless you want the URL to your Splunk applications to include a specific port, you have to route https (443) to 8000 on the search heads.

Otherwise, your URL would have to be something like https://www.mysplunkserver.com:8000.

You want your API calls to be secure as well, but you can't route port 443 from the same IP to two different destinations. The second destination will never be reached because it would be satisfied by the first rule.

The solution / best practice, is to have one IP to expose your UI to end users on https (443 to 8000) and a second IP for API calls and behind the scenes Splunk traffic (443 to 8089).

Though not required necessarily, I generally assign a DNS name to the IP for the API. That way if the IP needs to change your only have to update DNS, and not your code.

Thank you for the details. In my case, I am not managing Splunk, I am consuming our Splunk services from my application.  The Splunk team provided the URL https://mycorp.splunkcloud.com:8089/services/search/jobs/

It is working perfectly fine from my desktop. However, when trying to access this from an application (running within same firewall), I am getting an SSL error. We have added Splunk certificate in app trusted store but still we are getting same error.

It turn out to be a firewall issue. Even though port 8089 was allowed, the SSL traffic was being blocked,