diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyAuthenticator.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyAuthenticator.java
index caa7696ce..6265470bf 100644
--- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyAuthenticator.java
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyAuthenticator.java
@@ -209,9 +209,12 @@ private AuthenticationContext processAPIKey(RequestContext requestContext, Strin
 APIKeyValidationInfoDTO validationInfoDto;
 log.debug("Validating subscription for API Key against subscription store."
 + " context: {} version: {}", apiContext, apiVersion);
- validationInfoDto = KeyValidator.validateSubscription(apiUuid, apiContext,
- requestContext.getMatchedAPI(), payload);
- if (!requestContext.getMatchedAPI().isSystemAPI()) {
+ boolean isGatewayLevelSubscriptionValidationEnabled = ConfigHolder.getInstance().getConfig()
+ .getMandateSubscriptionValidation();
+ if (!requestContext.getMatchedAPI().isSystemAPI() && (isGatewayLevelSubscriptionValidationEnabled || requestContext.getMatchedAPI()
+ .isSubscriptionValidation())) {
+// validationInfoDto = KeyValidator.validateSubscription(apiUuid, apiContext,
+// requestContext.getMatchedAPI(), payload);
 log.debug("Validating subscription for API Key using JWT claims against invoked API info."
 + " context: {} version: {}", apiContext, apiVersion);
 validationInfoDto = getAPIKeyValidationDTO(requestContext, payload);
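Review bot: The call to `KeyValidator.validateSubscription(...)` is left commented out inside the new `if` rather than removed or gated, so in the visible lines the only check that still runs when subscription validation is enabled is `getAPIKeyValidationDTO(requestContext, payload)`, which per its debug message validates against the JWT claims carried in the key, and the subscription-store lookup no longer runs on any path. If that is intended, delete the two `//` lines and drop or reword the preceding `log.debug("Validating subscription for API Key against subscription store." ...)`, which now reports a check that is not performed; if it is not intended, the store lookup should stay inside the enabled branch. `validationInfoDto` also receives no assignment in the visible lines when the API is a system API or when both `getMandateSubscriptionValidation()` and `isSubscriptionValidation()` are false, so the code after the hunk (not shown) should handle the skipped-validation case explicitly instead of relying on an unset or default DTO. processAPIKey starts and ends outside the hunk.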