Windows authentication for ASP.NET API and nodejs website

Question

I have a website hosted on nodejs, using http-proxy-middleware where I proxy all the api calls to an ASP.NET API.

I have the ASP.NET api deployed on a remote IIS server (not on my computer but in the domain) with windows authentication on with NTLM only and I have this in the web.config :

<system.web>
    <compilation debug="true" targetFramework="4.5.2" />
    <httpRuntime targetFramework="4.5.2" />
    <authentication mode="Windows" /> 
</system.web>

When I set up my website on a local IIS server (on my computer) and set its authentication to anonymous this works correctly, no login popups.

Calling the api from postman with NTLM authentication also works perfectly.

But when I deploy the website to the remote IIS server I can open the site without problems but when the site queries the API I get a login popup that does not accept my credentials ( mydomain\\myusername ), it will instead show the popup again and again in chrome but stop after 3 tries in IE and return a 401 unauthorized error.

Because this works locally I'm thinking the problem must be somewhere with the IIS server but I cannot figure out what it is.

Answer 1

There was a problem with the IIS server, when trying to fix the problem I often switched between anonymous and windows authentication but the changes didn't work unless i restarted the IIS by writing iisreset /noforce in the command console afterwards

By doing this on the remote IIS it worked like it did on my local IIS.