As part of modernization efforts, it is not uncommon for enterprises to wrap existing or legacy algorithms using web APIs to make them available across the organization. For example, an algorithm written in C may be wrapped in a Java API and described using a standardized specification (e.g., SOAP, OpenAPI, GraphQL). As such, many fuzzers take advantage of these specifications for automated testing. However, these fuzzers are only able to test at the surface level as they usually generate inputs stochastically. This is especially problematic when testing code that has highly constrained execution paths. Random input generation is unlikely to penetrate tight constraints and may miss defects behind such constraints altogether. Concolic execution allows for solving constraints and maximizing branch coverage. In this paper, we present a framework that combines specification-based fuzzing with concolic fuzzing to go beyond the surface level and perform deeper fuzzing of web APIs in a systematic manner. In our evaluation, we show that our approach is able to achieve almost double the code coverage of the API fuzzing tool RESTler when applied to a tightly constrained system.
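The contrast the abstract draws between stochastic input generation and concolic execution, as an added example that is not code from the paper or its framework. The handler, its field names and its guard constants are constructed for illustration, and `solve` is a deliberately simple stand-in for the SMT solver a real concolic engine would use.

```python
import random

TRACE = []  # path constraints recorded during one concrete run

class Sym:  # concrete value that logs each comparison it takes part in
    def __init__(self, name, value): self.name, self.v = name, value
    def _rec(self, op, const, result):
        TRACE.append((self.name, op, const, result))
        return result
    def __eq__(self, c): return self._rec("==", c, self.v == c)
    def __gt__(self, c): return self._rec(">", c, self.v > c)

def handler(req):  # hypothetical wrapped legacy routine with nested, tight guards
    if req["mode"] == 7391:
        if req["length"] > 65000:
            return "deep" if req["crc"] == 48879 else "bad_crc"
        return "short"
    return "bad_mode"

def run(values):
    TRACE.clear()
    out = handler({k: Sym(k, v) for k, v in values.items()})
    return out, tuple(TRACE)

def solve(path, base):  # SMT stand-in; valid only because each field has one guard
    new = dict(base)
    for name, op, const, want in path:
        hit = const if op == "==" else const + 1   # value satisfying the guard
        miss = const + 1 if op == "==" else const  # value violating it
        new[name] = hit if want else miss
    return new

def concolic_fuzz(seed, budget=20):
    queue, seen, outcomes, runs = [seed], set(), set(), 0
    while queue and runs < budget:
        values = queue.pop()
        (out, path), runs = run(values), runs + 1
        outcomes.add(out)
        for i, (name, op, const, taken) in enumerate(path):
            flipped = path[:i] + ((name, op, const, not taken),)  # negate branch i
            if flipped not in seen:
                seen.add(flipped)
                queue.append(solve(flipped, values))
    return outcomes, runs

def random_fuzz(tries=500, seed=1):  # spec-only baseline: uniform 16-bit fields
    rng = random.Random(seed)
    return {run({f: rng.randrange(65536) for f in ("mode", "length", "crc")})[0]
            for _ in range(tries)}
```

Starting from an all-zero request, `concolic_fuzz` reaches every outcome of the handler in a handful of executions, while `random_fuzz` stays in front of the first guard in practice.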
Mon 27 May (displayed time zone: Eastern Time, US & Canada)

Session: 11:00 - 12:30

| Time | Duration | Type | Title | Track | Authors |
|---|---|---|---|---|---|
| 11:00 | 30m | Research paper | Automated Hybrid Fuzzing of Web APIs | NEXTA | Andrea Bogle (The Aerospace Corporation), Tan Tran (The Aerospace Corporation), Rafael Ceja (The Aerospace Corporation), Joshua Sasaki (The Aerospace Corporation), Riyadh Mahmood (The Aerospace Corporation) |
| 11:30 | 30m | Short paper | Improving security analysis rule set by relationship identification | NEXTA | |
| 12:00 | 30m | Short paper | TCPGraphix: A Visualization Tool for ML-Powered Test Case Prioritization Data Analysis | NEXTA | Yara Q Mahmoud (Ontario Tech University), Akramul Azim (Ontario Tech University), Md Asif Khan (Ontario Tech University) |