How to authenticate for content API?

[andrerav]

Hi,

I have a very simple Orchard Core website. I create a content type and a corresponding content item. Then I try to open the following url in the same browser that I am logged in as administrator with: https://localhost:44300/api/content/<content id>. This returns 401 Unauthorized.

I go to the roles section and enable all API-related stuff for the administrator role. I try the same URL again. Still 401 Unauthorized.

Then I installed the swagger nuget packages. I am able to see the swagger UI, but when I use the "Try it out"-functionality, the API still returns 401.

How can I corrently use the API? Do I need to set up a OIDC app and use that for authentication? That seems counter-intuitive since GraphQL queries work fine as long as I am logged in.

Thanks,
Andreas

[Skrypt]

Do you have enabled the OpenID Token Validation feature?