Share via

ASP.NET Web Forms With Entra ID Authentication Works On Local Host But 405 Response On IIS Hosted Server

Young, Mark 20 Reputation points
2026-02-25T21:07:00.16+00:00

I am working on a project to update our ASP.NET Web Forms sites to use Entra ID Authentication via OWIN Middleware. The code samples posted on how to do this on Azure portal work for me, but only on local host. But after I deploy an application to AN IIS Hosted Web Server, the response returned from Azxure is 405.

I verified that the Redirect URI added for the Registered App in Azure and the application Redirect URI to use on the IIS Hosted web server are the same. Also since this is ASP.NET Web Forms and NOT an API, there is no WEBDAV settings configured in the web.config file.

I have been unable to find a situation posted similar to mine with ASP.NET Web Forms that has a solution I can try. And I have been researching this for four days. I can use sone help.

Developer technologies | ASP.NET | Other
Answer accepted by question author
  1. Jack Dang (WICLOUD CORPORATION) 16,115 Reputation points Microsoft External Staff Moderator
    2026-02-26T08:21:41.9666667+00:00

    Hi @Young, Mark ,

    Thanks for reaching out.

    It’s great that you were able to use Fiddler to pinpoint the issue. From what you described, the 405 seems related to the URL that Entra ID was posting back to your client app, something IIS wasn’t expecting on that endpoint.

    Since you’ve identified the mismatch, here are a few things you could try next:

    • Double-check that the Redirect URI in Azure exactly matches what your IIS-hosted app expects, including the protocol (https) and any trailing slashes.
    • Make sure the IIS endpoint is configured to accept the HTTP method (POST or GET) that Entra ID is sending. Sometimes adding a simple ValidateRequest="false" or adjusting the handler mappings in web.config can help.
    • Keep using Fiddler or browser network tools to verify the response after each change. This will confirm whether the 405 is resolved.

    The key insight is that the problem isn’t with the authentication logic itself, but with how IIS interprets the incoming request. Fixing the URL alignment and server configuration should get the flow working like it does locally.

    Hope this helps! If my answer was helpful - kindly follow the instructions here so others with the same problem can benefit as well.

    1 person found this answer helpful.
    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Bruce (SqlWork.com) 83,666 Reputation points
    2026-02-25T22:54:17.2033333+00:00

    Use the browser network tools to track the redirects. Also try this extension for edge to get more information (there is also a chrome version)

    https://microsoftedge.microsoft.com/addons/detail/saml-wsfederation-and-o/boffpaecgbbojpkboijhbmhecoefdehi

    check the length of the query strings as they may be too long and require server configuration.

    1 person found this answer helpful.
  2. Q&A Assist
    2026-02-25T21:07:41.0133333+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    When encountering a 405 response on an IIS hosted server while using ASP.NET Web Forms with Entra ID Authentication, it is essential to consider the following points:

    1. HTTP Method Compliance: The 405 error typically indicates that the HTTP method being used is not allowed for the requested resource. Ensure that your application is configured to handle the HTTP methods correctly. For instance, if a POST request is being sent to a static file handler, it will result in a 405 error. Make sure that the handlers in your applicationhost.config file are set up to allow the necessary HTTP methods.
    2. WebDAV Configuration: Although you mentioned that there are no WebDAV settings in your web.config, ensure that WebDAV is not interfering with your requests. Sometimes, WebDAV can cause issues with HTTP PUT or DELETE methods. You might want to disable WebDAV if it is not needed for your application.
    3. Redirect URI: Since you have already verified that the Redirect URI in Azure matches the one used in your application, ensure that the application is correctly configured to handle the authentication flow. Any discrepancies in the URI can lead to issues during the authentication process.
    4. Capture and Analyze Requests: Utilize tools like Fiddler to capture the HTTP requests and responses. This can help you identify if the request is being sent correctly and if the server is responding as expected. Look for any additional error messages or headers that might provide more context on the 405 error.
    5. IIS Configuration: Ensure that your IIS server is configured correctly to support the OWIN middleware. This includes checking the application pool settings and ensuring that the correct version of .NET is being used.

    If these suggestions do not resolve the issue, consider reviewing the specific configurations of your IIS server and the OWIN middleware integration to identify any potential misconfigurations.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.