Public link ends with 401 error

JiriPrajz · May 16, 2026, 9:23pm

When accessing an HTML page through the public API endpoint, the request returns HTTP 401 Unauthorized instead of the expected HTML content.

The endpoint should be publicly accessible based on the current configuration in appsettings.json:

"UserApiOptions": {
  "RestrictedRoutes": ["/api/private"],
  "PublicRoutes": [
     "/api/public", 
     "/invite"
   ]
}

Request URL example:

https://localhost/api/public/{id}/{guid}/data

Observed behavior:

Browser returns HTTP 401 Unauthorized

Expected behavior:

Requests under /api/public should be accessible without authentication

tvavrda · May 17, 2026, 10:21pm

What is the Roles attribute on your API endpoint definition? Is it *?

JiriPrajz · May 18, 2026, 9:20pm

Yes, the Roles setting is *. The API worked well on server version 2025.10.