Add this to your Web.config. Here, my controller is named “WebhookController”.
<location path="Webhook"> <system.web> <authorization> <allow users="*"/> <authorization> <system.web> <location>
Edit – As Erik mentioned below, in MVC applications you should not use web.config
<authorization> tags for security. Instead, use
[Authorize] attributes. Doing so will allow your
[AllowAnonymous] attributes to work correctly. You can read more about this here.
Additionally, configure IIS settings as follows:
Anonymous – Enabled
ASP.NET Impersonation – Disabled
Basic Authentication – Disabled
Digest Authentication – Disabled
Forms Authentication – Disabled
Windows Authentication – Enabled – HTTP 401 Challange