Can I enable non-interactive NLTM authentication on API calls for an endpoint on a different server?

Question

I have a website hosted in IIS that uses NTLM authentication. I can access the site without explicitly providing my credentials. The site itself has functionality that makes ajax calls to API endpoints hosted in an HTTP.sys Windows Service.

The ajax calls are configured like this:

const ajaxGet = (url) => $.ajax({
    cache: false,
    type: "GET",
    url: `${url}`,
    xhrFields: {
        withCredentials: true
    }
});

Everything works, but the browser (Chrome) always asks me to enter my credentials at least once when it calls the endpoint for the first time.

Is there a way to automatically use the NTLM credentials provided by IIS authentication instead of having to manually enter them?

1) Talk to your domain administrators to learn more about Windows authentication (Kerberos or NTLM). 2) If Keberos is used by this IIS site, then ask your administrators to enable delegation to the Windows service. 3) If NTLM is used, credentials cannot be delegated, and re-authentication is needed. To suppress prompt, the browser needs to trust the Windows service URL (just like how it trusts your main site). — Lex Li, Sep 19 '22 at 22:31

Can I enable non-interactive NLTM authentication on API calls for an endpoint on a different server?

0 Answers0