I have a Blazor server app that I want to add a web api controller to that can be accessed from Postman and eventually other apps. The Blazor app needs authentication, but not the web api. I tried adding AllowAnonymous, but I am getting an authentication error calling it from Postman:
HTTP Error 401.2 - UnauthorizedYou are not authorized to view this page due to invalid authentication headers.
I suspect our security proxy is adding the headers:
Is it possible to host an unsecured (AllowAnonymous) web api inside an authenticated Blazor Server app?
Maybe I just need to craft my api call a certain way?
Controller:
[Route("api/[controller]")][ApiController][AllowAnonymous]public class ProfileController : ControllerBase{ [HttpGet("{year}", Name = "GetProfileResults")] public async Task<IActionResult> GetProfileResults(int year) { var profileResults = repo.GetResults(year); return Ok(profileResults); }}