I have Web API with taken based authorization. I am successfully able to register a user and get access_token
from the API. But, when I post to any other endpoint with the access_token
on the header for the same user, I am getting
"Message": "Authorization has been denied for this request."
If I remove the [Authorize]
decoration on the action method, only the client is validated in the ValidateClientAuthentication
and request gets processed fine. I am trying to post these requests from Postman, sending body parameters as x-www-form-urencoded
.
The API is built using oAut
h and MS identity. Client gets authenticated successfully in ValidateClientAuthentication
.
Just add Bearer before your token on the access_token parameter It should look like this :
Authorization: Bearer sdifusdifnPOIJDFPIUdfhpiuhdfg164