SOAP Behind API Gateway

zaidahmd nginx-forum at
Thu Apr 27 11:04:27 UTC 2017

Hi, I have an application in internal network with no public internet

I want NGINX API gateway deployed in public exposed network that
authenticates incoming HTTP, and rest service traffic and then relays the
traffic to upstream servers. 

Similarly I want the NGINX API Gateway to authenticate SOAP requests also.
But SOAP has its own WS security, and I believe SOAP request should not have
any sessionid or token for web authentication. So this means API gateway
will not be able to perform authentication as its doing for 
normal http and rest service traffic.

What should be the best solution to secure a SOAP service behind a NGINX API
gateway ? Or it should not be protected by NGINX API Gateway module ?

Posted at Nginx Forum:,273906,273906#msg-273906

More information about the nginx mailing list