I am getting 401 Unauthorized error on subsequent REST API requests , after the 1st successful response with 200 Ok. See steps to reproduce below.
Steps to Reproduce:
Note : This works fine when I debug locally or deploy on Azure. However, I get 401 Unauthorized in one of my hosting environment . And support staff giving hard time and not able to resolve this issue.
Note : You may see different bearer token in my screenshots but I am passing same token in all requests.
Update-1 : Below is the response from both my domain (401) and azure (200 ok) put in side-by-side. I see Azure additionally sends ARRAffinity and ARRAffinitySameSite in cookies. Hope this info might help.
I was missing Machine Key in my web.config file needed for web farm as my hosting environment uses 3 nameservers, as it didn't recognize the token from 2nd request onward.
From MS Docs: If you deploy application in a Web farm, you must ensure that the configuration files on each server share the same value for validationKey and decryptionKey for Machine Key , which are used for hashing and decryption respectively. This is required as you cant guarantee which server will handle successive requests.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.