iisazure-active-directoryasp.net-core-3.1microsoft-entra-id

ASP.NET Core app running on IIS gives Http Error 401.2-Unauthorize


I have an ASP.NET Core MVC application where I implemented Azure AD authentication. I'm using .NET Core 3.1. I'm pretty sure the Azure AD part is properly implemented as it runs well in Visual Studio.

When I try to run my app on IIS, I get this error as shown below. However, if I enable anonymous authentication on IIS, the app works well as expected and I don't get the error 401.2.

Screenshot of Http Error 401.2

I want my app to run on IIS without this error even after disabling anonymous authentication on IIS, how can I do that? I cannot enable Windows authentication also as it by passes my Azure AD authentication.


Solution

  • You cannot disable anonymous authentication on IIS, as that's a mandatory part of Microsoft Entra ID based authentication in your ASP.NET Core web app.

    You will have to roll back the change and ignore this error as you made a wrong move.

    About why anonymous authentication is needed on IIS, that's a separate question.

    Note that the name "Azure Active Directory" is no longer used, and .NET Core 3.1 reached end of life years ago.