Thank you so much for your quick response. Still haven’t figured out the problem but at least I have something to look at. There is indeed a Authorize attribute, and roles can be specified. But in my case I have none yet.
[Route("api/1.0/things")]
[Authorize]
public class Controller: BaseController
{
// More code
I will try to dig deeper into the authorization in the dotnet core app.