Hi @Piyush Meshram ,
When the browser makes a request, it always considers the first request to be Anonymous. Therefore, it does not send any credentials. If the server does not accept Anonymous OR if the Anonymous user account set on the server does not have permissions to the file being requested, the IIS server responds with an Access Denied error message and sends a list of the authentication types that are supported by using one of the following scenarios:
- If Windows NT Challenge/Response is the only supported method (or if Anonymous fails), then the browser must support this method to communicate with the server. Otherwise, it cannot negotiate with the server and the user receives an Access Denied error message.
- If Basic is the only supported method (or if Anonymous fails), then a dialog box appears in the browser to get the credentials, and then passes these credentials to the server. It attempts to send these credentials up to three times. If these all fail, the browser is not connected to the server.
- If both Basic and Windows NT Challenge/Response are supported, the browser determines which method is used. If the browser supports Windows NT Challenge/Response, it uses this method and does not fall back to Basic. If Windows NT Challenge/Response is not supported, the browser uses Basic.
If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Best regards,
Bruce Zhang