Update for .NET Core 3.0:

Seems for .NET Core 3.0 the solution is much simpler:
  • install the Microsoft.AspNetCore.Authentication.Negotiate NuGet package
  • add authentication in ConfigureServices like this:
  • use the authentication in Configure (above app.UseAuthorization();)

No need to UseIISIntegration, UseHttpSys or anything.

Original post:

If you get the System.InvalidOperationException "No authenticationScheme was specified, and there was no DefaultChallengeScheme found." it means that ... err... you don't have a default authentication scheme. Solution:
  • Install NuGet package Microsoft.AspNetCore.Authentication in your project
  • add
    to the ConfigureServices method.

Update: Note that this is for IIS integration. If you want to use self hosted or Kestrel in debug, you should use HttpSysDefaults.AuthenticationScheme. Funny though, it's the same string value for both constants: "Windows".

Oh, and if you enter the credentials badly when prompted and you can't reenter them, try to restart Chrome (as in this answer)


Mike Becker

Thank you! You have no idea how awesome it is to find some asp.net core stuff that actually is explained super easy. I'm a powershell/C#/WPF guy thrust into the world of web dev, so finding stuff that's simple and concise is gold. Thanks!

Mike Becker


Thanks for this post -- I'm trying to wrap my head around C# .NET Core authentication a little bit at a time and this error was stopping me. But I followed the two steps in your post and it's now working the way I expected! Woot!


Post a comment