ASP.NET Unauthorized in Postman using IIS Express, but works in Chrome

Question

I am trying to test an ASP.NET Web Api locally using IIS Express. When I use Chrome and hit the url (localhost:5000/api/test, for example) the json displays fine, but when using Postman I keep getting unauthorized 401.2 when hitting the same url. The api controller has Anonymous access on the route.

On the error message, one of the likely causes is:

Integrated authentication is enabled and the request was sent through a proxy that changed the authentication headers before they reach the Web server.

Is Postman somehow changing the headers?

Answer 1

[2019 Update]

Got the same issue, I couldn't debug an ASP Core 2.1 API using Postman when running on the local machine using IIS Express. I kept on having "Could not get any response" despite it was working fine on a browser.

Following troubleshooting steps explained here PostmanLabs Github, I noticed into Postman console that this was coming from a certificate issue.

Disabling SSL Verification from Postman Settings > General allowed the request to pass through.