OnFailedAuthentication not called after TryAuthenticate fails

I have a CredentialsAuthProvider implementation that should return a custom payload instead of the default “ErrorMessages.InvalidUsernameOrPassword” when authentication fails.

The current implementation of DigestAuthProvider.Authenticate throws an HttpError on the last line of the method where I would expect it to call the OnFailedAuthentication message. Is there a way around this or is this intended behavior?

Sorry if the question was already posted somewhere - I couldn’t find a comparable question via the search.

Robert van Drunen

Do you mean this line?

OnFailedAuthentication is called when Authentication fails inside the Request pipeline, in the Authenticate() method it always throws a HttpError. You could override Authenticate() with your own custom impl e.g. you can call base.Authenticate() in a try/catch and call OnFailedAuthentication () yourself.

1 Like

Yes, that one.

I totally missed the overridable Authenticate above it - that’s my way out. Thanks.

1 Like