How to enable BASIC authentication in IIS only for a particular WEB API service

Question

0.00/5 (No votes)

See more:

Hi All,

I have a web application using ASP .NET MVC. In this application there is a WEB API. Which will return some JSon data. I have added BASIC authentication code for this WEB API and is working fine in my local. I Tried it with POST MAN. Now I hosted the site in IIS. After hosting I enabled BASIC authentication in SERVER. There is no error in code and is working fine in local. When ever I try to call this service I am getting "401 - Unauthorized: Access is denied due to invalid credentials." error and I can access other pages of the site with out any issue. My requirement is , I need to enable BASIC authentication for this api only not for the whole application. Is that possible? If possible could any one please help me.

Thank you

What I have tried:

I have enabled BASIC Authentication in server. But it enables authentication for whole application and getting "401 - Unauthorized: Access is denied due to invalid credentials." error when i try to access the service. I need authentication for this particular service only.

Posted 15-May-18 0:46am

Subhash PM

Updated 15-May-18 2:07am

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

MadMyche · Answer 1 · 2018-05-15T02:08:00

Haven't had a need in WebAPI yet, but in earlier Asp.Net/MVC you could drop a WebConfig file in any of the View directories which could be used to enforce the Basic Authentication.

The work I am doing now we add an authorization header into the request collection and check that within the method calls.
To get the correct values we have a Login method to validate credentials and return the correct token for usage