Tel Map


ASP.NET Core 2.0 Disable Authentication in Development Environment

This article describes how to disable authentication for ASP.NET Core 2.0.

ASP.NET Core JWT Authentication

I have some Rest API which I want to protect via JwtBearer token in production e.g.


However in order to test the API, for development I totally want to disable authentication without having to remove all Authorizes in the Controllers.

First Attempt

If you however try something like this:

you will run into the following error:

An unhandled exception occurred while processing the request.

InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found.


It took the quite some time to figure out a valid solution. And it is very simpe as well…
What I ended up doing is this:


Now everyone can access the API in development. Hope this helps someone solve this problem.

If you have any questions or further information, please leave a comment below.


14 Replies to “ASP.NET Core 2.0 Disable Authentication in Development Environment”

  1. Martin Navarrete

    Thank you man, I was looking for any solution for this, it was very simple with your explanation but another think to add is that if you are putting the code into the ConfigureServices method you have to declare an use the IHostingEnvironment variable in the Startup constructor.

  2. Stone Robertson

    This technique is indeed simple and elegant. Worked great for me! As Martin N. pointed out, you will not have access to the IHostingEnvironment object in ConfigureServices, so don’t forget to add it as a constructor param for DI.

  3. Sebastian Lindner Post author

    It is IHostingEnvironment env injected into the Configure method by the dependency injection.

Leave a Reply

Your email address will not be published. Required fields are marked *

This website uses cookies. By continuing to use the website, you agree to the use of cookies. For more information about cookies, please see our privacy policy.