I ran into a hiccup while debugging a .NET Core API - turns out, the endpoint was firing off twice. After some digging, it turned out that the pesky culprit was the Malwarebytes plugin.
Ideally, I would like Malwarebytes enabled for regular browsing and disabled for testing. Using Chrome's Incognito mode for testing satisfies this requirement. The quirk here is that, in Incognito mode, after the client certificate prompt, I get hit with another prompt asking for a username and password. I can put the username and password for my desktop account in and everything proceeds as it should.
This behavior does not occur when I use Chrome without Incognito mode.
I'm currently using Chrome Version 116.0.5845.97 (Official Build) (64-bit).
I have seen solutions online where people suggested opening up chrome://flags/ and look for the setting Enable Ambient Authentication in Incognito Mode. This setting does not appear for me in my version of Chrome.
I have also seen solutions where people suggested adding --auth-server-whitelist or auth-schemes to the argument list when defining the browser in Visual Studio. Neither of these parameters, either separately or together, worked.
Are there any other solutions I may have missed that I could try?
Starting in Chrome 81, Integrated Authentication is disabled by default for off-the-record (Incognito/Guest) profiles, and the user will need to enter the username and password. See https://issues.chromium.org/issues/40405715#comment63