I have a ASP.NET Core 3.1.8 Web Application uses ASP Identity. All is working OK, when user try to navigate to a page which requires authentication, the response redirects the user to the login page.
Recently I created some API controller:
[Route("api/[controller]/[action]")]
[ApiController]
[Produces("application/json")]
public class MyController : ControllerBase
{
[HttpGet]
[Authorize]
public ActionResult<string> PingAuth(string message)
{
return Ok($"Pong: {message}");
}
During testing I noticed, that in case I call it with no authentication the response is the redirect, instead of the 401 Unauthorized.
Question
Is there any way to explain the api controller to send [401: Unauthorized] instead of [302: Found]?