Reputation: 350
ABP 401 response from API instead of redirect
I have the same problem as this: https://forum.aspnetboilerplate.com/viewtopic.php?f=5&t=4865, but I have ABP v2.1 with module-zero-core-template.
I'm using Web.Mvc project as my startup project and I want to make API calls.
When I perform an unauthorized request to the API, I got a "200 OK" response instead of a "401". Where did I make a mistake?
Upvotes: 1
Views: 1322
Answers (2)
Reputation: 43
Add this header to your API requests "X-Requested-With: XMLHttpRequest" if you want to get a 401 and not a redirect.
Upvotes: 1
Reputation: 43103
ASP.NET Core 1.x
ABP v2.x / module-zero-core-template v2.x
Modify IdentityRegistrar in .Core project:
// Before
services.AddAbpIdentity<Tenant, User, Role>()
// After
services.AddAbpIdentity<Tenant, User, Role>(options =>
{
options.Cookies.ApplicationCookie.AutomaticChallenge = false;
})
Reference: https://github.com/aspnet/Security/issues/804
ASP.NET Core 2.0
ABP v3.x / module-zero-core-template v3.0.0 – v3.4.0
Modify AuthConfigurer in .Web.Mvc / .Web.Host project:
// Before
services.AddAuthentication()
// After
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = "JwtBearer";
options.DefaultChallengeScheme = "JwtBearer";
})
Reference: 92b6270 in module-zero-core-template v3.5.0
Upvotes: 2
Related Questions
- How to return 401 instead of 302 in ASP.NET Core?
- ASP.Net / ASP.NET Core Web API unauthorized requests returns 302 redirect response instead of 401
- How to remove the redirect from an ASP.NET Core webapi and return HTTP 401?
- ASP.NET core Web API Authorize Attribute return 404 Error & force redirect
- Return 401 for Custom Authrization
- Make Microsoft.AspNetCore.Authorization.AuthorizeAttribute return 401, instead of redirecting to login page
- Suppress redirect on API URLs in ASP.NET Core
- ASP.NET Core 2 API call is redirected (302)
- ASP.Net Core - no redirect on API auth error
- Return 401 instead of redirecting identityserver