"401 Unauthorized" on a directory

I assume this is an IIS error, as this doesn't happen if I run the project on my local machine.

I have my stylesheets at ~/Content/css

Any files in that directory won't load on the page, and when I navigate to them directly, I get a server error:

401 - Unauthorized: Access is denied due to invalid credentials.

You do not have permission to view this directory or page using the credentials that you supplied.

This only happens with that directory, I have no problem accessing any other files. Is there something I need to do in IIS7 to stop this?


  1. Open IIS and select site that is causing 401
  2. Select Authentication property in IIS Header
  3. Select Anonymous Authentication
  4. Right click on it, select Edit and choose Application pool identity
  5. Restart site and it should work

It is likely that you do not have the IUSR_computername permission on that folder. I've just had a quick scan and it looks like you will find the information you need here.

If that isn't the case, are you prompted for your username and password by the browser? If so it may be that IIS is configured to use Integrated authentication only, as described here.


  • Open IIS
  • select site where you are facing the problem

  • Select Below

enter image description here

- Right click on Anonymous Authentication and click on edit and follow below

enter image description here


You do not have permision to view this directory or page using the credentials that you supplied.

This happened despite the fact the user is already authenticated via Active Directory.

There can be many causes to Access Denied error, but if you think you’ve already configured everything correctly from your web application, there might be a little detail that’s forgotten. Make sure you give the proper permission to Authenticated Users to access your web application directory.

Here are the steps I took to solve this issue.

  1. Right-click on the directory where the web application is stored and select Properties and click on Security tab.

  2. Click on Click on Edit…, then Add… button. Type in Authenticated Users in the Enter the object names to select., then Add button. Type in Authenticated Users in the Enter the object names to select.

  3. Click OK and you should see Authenticated Users as one of the user names. Give proper permissions on the Permissions for Authenticated Users box on the lower end if they’re not checked already.

  4. Click OK twice to close the dialog box. It should take effect immediately, but if you want to be sure, you can restart IIS for your web application.

Refresh your browser and it should display the web page now.

Hope this helps!