Click here to Skip to main content
15,845,742 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hi All

I have a web api and a web site developed on ASP.NET Core (VS 2017). The website works well on localhost and is able to call the web api and get returns.

Both of the sites were then deployed to Windows Server 2012 R2, running on IIS 8.5. I have followed numerous articles on how to configure IIS for ASP.NET Core and I am satisfied that the configuration is right.

I can browse to both URLs and nothing is failing. However, when the website tries to call the web api I get Error 401: UnAuthorised

Has anyone experienced this and can some recommend a solution.

What I have tried:

I tried using Postman to see if I can reach the API and return some values, the calls were successful and returned the requested data.

I looked at the permissions on the folder and on the site of the web api site. Everything looks normal (as it should be)
Updated 11-Aug-18 3:26am
Saineshwar Bageri 18-Jul-17 13:46pm    
Have you tried to browse application locally on webserver
[no name] 19-Jul-17 7:56am    
Have you got an [Authorize] attribute in your web API classes anywhere? Locally you'd be authorised just by being logged into your machine but that doesn't count when it's deployed to a server.
Tomz_KV 27-Apr-18 15:25pm    
My issue was similar to yours. Everything worked fine in dev environment. It was also fine when the web api was hosted in production and called from a dev app. 401 unauthorized error only occurred when the web api and the app were both run on production server. Windows authentication was used for both. The fix (or workaround) was to call the web api using its IP address instead of a friendly url. This might not be a favorable way to do it since the IP address did not have a SSL certificate.

Can you share how you resolved your issue?
KathiravanK 11-Aug-18 7:54am    
I am also facing same issue can anyone help me out how to resolve solution

Helo Kulile,

it would be better if you've mentioned subcode of the error(given below).
This will helps in resolving the issue.

401.1: Access is denied due to invalid credentials.
401.2: Access is denied due to server configuration favoring an alternate authentication method.
401.3: Access is denied due to an ACL set on the requested resource.
401.4: Authorization failed by a filter installed on the Web server.
401.5: Authorization failed by an ISAPI/CGI application.
401.7: Access denied by URL authorization policy on the Web server.
Share this answer
Api project App Startup

To this...


if change this issue fixed
Share this answer

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900