Background: We have threat protection rules which has a custom filter set to check all requests and allow valid requests to gateway.
In Custom filter we have written a service like if the resource is gateway/ws and that API exists in gateway then only allow it to proceed further so when all conditions satisfy we have a variable forwardRequest to true else false.
Issue: We are trying to create a SOAP API and i have imported the wsdl into APIgateway which got enabled too but whenever i try to view the wsdl it is asking for username and password it is throwing 403 forbidden error .
If i disable the threat protection rules i am able to view the wsdl so i have debugged the custom filter service i see the forwardRequest is set to true but still it is failing. I tried importing public SOAP API https://www.dataaccess.com/webservicesserver/NumberConversion.wso?wsdl and the same result…
Did anyone faced this kind of issue.