CODEWITHSUNDEEP
c#.netasp.net-web-api2
user441521
user441521

Reputation: 6998

Using default credentials to call api in console app

I'm trying to call a Web API 2 method that requires auth from a console app running on my desktop where I have authorization, but I'm getting 401 Unathorized. I know I have authorization because when I make the same call from a web browser it works fine. So a browser can get my default login id/pw to send to the API but .NET's WebClient can't? That seems insane. There has to be a way to do this without entering my id/pw into the console app.

The below is what I'm using in a console app and it's not working.

This is using Windows Auth as it's intranet stuff.

This throws an exception "The remote server returned an error: (401) Unauthorized."

using(var c = new WebClient())
{
    c.UseDefaultCredentials = true;   
    string value = c.DownloadString("http://localhost:62659/api/Store/GetData");
}

I also tried the below and when I mouse over DefaultNetworkCredentials the username/pw are blank strings. Why wouldn't .NET be able to figure this out?

using(var c = new WebClient())
            {
                var creds = new CredentialCache();
                var uri = new Uri("http://localhost:62659/api/Store/GetData");
                creds.Add(uri, "ntlm", System.Net.CredentialCache.DefaultNetworkCredentials);
                c.Credentials = creds;
                string value = c.DownloadString(uri);
            }

Upvotes: 4

Views: 5259

Answers (2)

jomsk1e
jomsk1e

Reputation: 3625

Using DefaultCredentials should work to use Windows Auth from console application. As long as you have the appropriate authorization header that your web api is looking for. Same with my comment I recommend testing the api call using Postman so that you can troubleshoot and check what you are missing.

Regarding the credentials as blank, this is maybe because you are using DefaultNetworkCredentials.

Try this: 

using(var c = new WebClient())
{
    var uri = new Uri("http://localhost:62659/api/Store/GetData");
    c.Credentials = System.Net.CredentialCache.DefaultCredentials;
    string value = c.DownloadString(uri);
}

If you want to use NetworkCredential you should be inputting network credentials like so: 

c.Credentials = new NetworkCredential(username, password, domain);

I created this type of console application and used it as a service and I can tell you that this should work. You should just need to troubleshoot and bits by bits get the real problem.

Upvotes: 1

gmiley
gmiley

Reputation: 6604

It is likely that you do not have your credential information stored within Windows Credential Manager. You can access that via Control Panel > Credential Manager. From there you can add whatever credential you need. CredentialCache.DefaultCredentials and CredentialCache.DefaultNetworkCredentials contains the login credentials of the currently logged-in or impersonated user. If what you are connecting to requires different credentials then these will not work. You will need to add those credentials to the Credential Manager in Windows.

The reason you are connecting fine within Chrome is that Chrome will store credentials within itself that you have designated to save.

Login credentials being used as functional ids can be set to never expire, or it will need to be added to a list of monthly/yearly maintenance items to update the password for those accounts.

You would also want to handle bad login information within your application. If this is an automated task, have it email or otherwise notify someone that the credentials need to be updated.

If a user runs this, you could simply prompt the current user to provide a new password, which you can use to update the stored credentials right then.

Another option would be to set the user running the application as a user on the receiving end using those same credentials. That way the entire process is tied to the user(s) that will be running the application.

Upvotes: 4

Related Questions