I want to disable security for certain API calls.
So through a page rule as below, I have disabled security for the URL.
Note, this is the only one-page rule I have. There are no other page rules at all.
However, in the firewall events, I still see challenge was invoked security level, which I have already set as low.
Is there a way I can completely disable security for certain URLs? I think this is what Page Rules is for.
Am I missing something?