I used to be able to do this, but I can’t figure out why it isn’t working any more. I did recently update Windows, so that may be it. I need to be able to GET and POST to my LOCALHOST:52455 running on IIS Express so I can debug my code. I am able to access the endpoint via a web browser, but if I take the same URL and put it in Postman, I get the error below. I have tried changing virtually every single flag or setting in various applicationhost.config, application.json, and web.config file there is. Basic GETs always work in the browser but nothing works in Postman.
I believe this is a bug in Postman, as I have exhausted all configuration issues in IIS.
Error:
IIS 10.0 Detailed Error - 401.2 - Unauthorized
HTTP Error 401.2 - Unauthorized
You are not authorized to view this page due to invalid authentication headers.
No authentication protocol (including anonymous) is selected in IIS.
Only integrated authentication is enabled, and a client browser was used that does not support
integrated authentication.
Integrated authentication is enabled and the request was sent through a proxy that changed the
authentication headers before they reach the Web server.
The Web server is not configured for anonymous access and a required authorization header was
not received.
The “configuration/system.webServer/authorization” configuration section may be explicitly
denying the user access.
Things you can try:
Verify the authentication setting for the resource and then try requesting the resource using
that authentication method.
Verify that the client browser supports Integrated authentication.
Verify that the request is not going through a proxy when Integrated authentication is used.
Verify that the user is not explicitly denied access in the
“configuration/system.webServer/authorization” configuration section.
Check the failed request tracing logs for additional information about this error.
IIS Web Core
Request Tracing Directory
C:{MyDocuments}\IISExpress\TraceLogFiles{myprojname}
More Information:
This error occurs when the WWW-Authenticate header sent to the Web server is not supported by the server configuration. Check the authentication method for the resource, and verify which authentication method the client used. The error occurs when the authentication methods are different. To determine which type of authentication the client is using, check the authentication settings for the client.
Microsoft Knowledge Base Articles:
907273
253667