ASP.NET Unauthorized in Postman using IIS Express, but works in Chrome

Question

I am trying to test an ASP.NET Web Api locally using IIS Express. When I use Chrome and hit the url (localhost:5000/api/test, for example) the json displays fine, but when using Postman I keep getting unauthorized 401.2 when hitting the same url. The api controller has Anonymous access on the route.

On the error message, one of the likely causes is:

Integrated authentication is enabled and the request was sent through a proxy that changed the authentication headers before they reach the Web server.

Is Postman somehow changing the headers?

Answer 1

I have a localhost WebAPI site up with IIS Express (HTTPS). Postman started to respond as expected to GETs and POSTs after I changed (in Postman) File --> Settings --> Proxy

• to: "Use the system proxy"
• and turning on: "Respect HTTP_PROXY ...".

I had earlier set up a custom proxy that wasn't working with HTTPS.

Answer 2

[2019 Update]

Got the same issue, I couldn't debug an ASP Core 2.1 API using Postman when running on the local machine using IIS Express. I kept on having "Could not get any response" despite it was working fine on a browser.

Following troubleshooting steps explained here PostmanLabs Github, I noticed into Postman console that this was coming from a certificate issue.

Disabling SSL Verification from Postman Settings > General allowed the request to pass through.

Answer 3

Looks like it's your proxy.

I haven't found the proxy setting in postman. So I deleted postman for Win and installed postman for Chrome. Possibly Postman gets the environment from Chrome.

Anyway the resolution is to use Postman for Chrome instead of Postman for Win.