Getting forbidden error while invoking SOAP API in APIGateway and it works fine for REST API

Hi All.

Background: We have threat protection rules which has a custom filter set to check all requests and allow valid requests to gateway.

In Custom filter we have written a service like if the resource is gateway/ws and that API exists in gateway then only allow it to proceed further so when all conditions satisfy we have a variable forwardRequest to true else false.

Issue: We are trying to create a SOAP API and i have imported the wsdl into APIgateway which got enabled too but whenever i try to view the wsdl it is asking for username and password it is throwing 403 forbidden error .

If i disable the threat protection rules i am able to view the wsdl so i have debugged the custom filter service i see the forwardRequest is set to true but still it is failing. I tried importing public SOAP API and the same result…

Service Signature


Service Response

Did anyone faced this kind of issue.


Hi Parre,
The end point for SOAP is https://gatewayhost:port/ws/. For me it looks like there is an issue with the rule in the custom filter service. Can you please check.

If you still need help please reach out to Global Support using Service Incident.


Hi Prabavathy

Thank you for the response.
Yes i have added /ws/ to allow to be passed through gateway but still i am getting forbidden error.

i will raise a ticket and see

Thanks and Regards

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.