Recompile also FIelds class.

Yes, looks correct.

I have the following classes:

Class dc2303.Field Extends (%Persistent, %XML.Adaptor)
{

Parameter XMLTYPE = "UDFLookupFieldInstance";

Parameter XMLFORMAT = "literal";

Parameter XMLNAME = "Field";

Parameter NAMESPACE = "http://www.civica.co.uk/ParisConnect/ConnectXml/1.0/Messaging";

Property Suffix As %String(XMLNAME = "Suffix", XMLPROJECTION = "ATTRIBUTE");

Property Description As %String(XMLNAME = "Description", XMLPROJECTION = "ATTRIBUTE");

Property ID As %String(XMLNAME = "ID", XMLPROJECTION = "ATTRIBUTE");

}

Class dc2303.Fields Extends (%Persistent, %XML.Adaptor)
{

Parameter XMLFORMAT = "literal";

Parameter XMLNAME = "Fields";

Parameter XMLSEQUENCE = 1;

Parameter NAMESPACE = "http://www.civica.co.uk/ParisConnect/ConnectXml/1.0/Messaging";

Parameter SUPPRESSTYPEPREFIX = 1;

Property Fields As list Of Field(XMLNAME = "Field", XMLPROJECTION = "ELEMENT");

/// d ##class(dc2303.Fields).TestFieldsCorrelate()
ClassMethod TestFieldsCorrelate()
{
    Set reader = ##class(%XML.Reader).%New()
    Set tSc=reader.OpenFile("c:\temp\Fields.xml")
    #dim match as Fields
    Do reader.Correlate("Fields","dc2303.Fields")           
    While reader.Next(.match,.tSc) {
        w !, "Hurrah"
    }
    If $$$ISERR(tSc) {
        w !,  $SYSTEM.Status.GetErrorText(tSc)
    }
}

}

And fields.xml is

<Fields xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" >
    <Field xsi:type="UDFLookupFieldInstance" ID="2925" Description="FIRE ALARM ACTIVE" Suffix="FDT_ACTIVATE"/>
</Fields>

Should work. I actually tested it. Did you recompile both classes? Do you get the same error still?

Check carefully. Note -- in ^%ISCLOG (with percent) you enable the log. Then you read ^ISCLOG (without percent) in %SYS namespace.
When I repeated steps that I suggested to you, I saw the following error in ^ISCLOG

/* ERROR #5002: ObjectScript error: <PROTECT>^%CSP.Login.1 ^|^^c:\intersystems\iris2023x1\mgr\|dc.CustomLogin.1 */

Then I enabled auditing of Protect events, reproduced the eror and got more details:

Description:  Attempt to access a protected resource
Timestamp:    2023-03-19 16:01:38.000   Username:     CSPSystem
UTCTimestamp: 2023-03-19 15:01:38.000   Pid:          10896
Event Source: %System                   JobId/JobNum: 131089/17
Event Type:   %Security                 Session ID:   eK95W6SMCS
Event:        Protect                   IPAddress:    127.0.0.1
System ID:    DEP5570AKOBLOV:IRIS2023X1 Executable:   CSPa24.dll
Namespace:    %SYS                      Index:        196
Roles:
User Info:                              O/S User:     CSP Gateway
Routine:      ^%CSP.Login.1 |"^^c:\intersystems\iris2023x1\mgr\irislib\"|
Authentication: Password
Event Data:
<PROTECT>^%CSP.Login.1 *^|^^c:\intersystems\iris2023x1\mgr\|dc.CustomLogin.1

Indeed, user CSPSystem does not have READ permission on irissys database, where custom login class is located. Rather I should have created a new role that has only READ permission on %DB_IRISSYS resource, not RW.

I added role %DB_IRISSYS to user CSPSystem, closed connections from Apache to IRIS, so that the role is added on new connection, then login page began to work

xsi:type is a special attribute

IRIS analogue is XMLTYPE parameter of the class,

You need to remove Property Type from the Field class and add the following parameter, then recompile both Field and Fields

Parameter XMLTYPE = "UDFLookupFieldInstance";

Yuri, enable ISCLOG, reproduce the error, disable ISCLOG and then check if it has any errors, e.g. errors.

%SYS>kill ^%ISCLOG, ^ISCLOG
%SYS>set ^%ISCLOG = 3
//reproduce the error
%SYS>set ^%ISCLOG = 0
%SYS>zw ^ISCLOG

Afaik, with custom login pages user CSPSystem needs to have READ permissions on a database where custom login page class is located

In HealthShare section you see Extended Maintenance kits
In Continuous Delivery section you'll find Health Connect 2022.3, 2022.2

404 is also returned when there are some permissions issues.
Try to give %All to the user that you calling this API with and see if it helps. If yes -- then this is permissions issue.
Or enable Audit and auditing for Protect event and see if it is logged in Audit when the problem happens

Other idea -- enable ISCLOG, reproduce the problem, disable ISCLOG and see if there are any errors there. ISCLOG is very verbose, so just do one HTTP request with ISCLOG enabled

enable:

%SYS>kill ^ISCLOG,^%ISCLOG
%SYS>set ^%ISCLOG = 3

disable:

%SYS>set ^%ISCLOG = 0

analyze:

%SYS>zw ^ISCLOG (yes, without %)