It happens when your API is not authorized and your redirect URL doesn’t exist.
When authentication fails, Web API will send a 401 code. Now if you are handling this code on the client side and doing a redirect for an authorization failure, then make sure that the redirected Url exists.
Also, Do not add the [Authorize] attribute to the controller that handles Authentication methods (Login/Register).
Your culprit looks to be the Authorize attribute. Since you are using JWT authentication scheme. Your authorize attribute should be following
[Authorize(AuthenticationSchemes = "Bearer")]
[HttpGet]
[Route("api/Tokens")]
public IActionResult TestAuthorization()
{
return Ok("You're Authorized");
}
To make it default authentication scheme, Change AddIdentity to AddIdentityCore. here is a very good article.
Using JwtBearer Authentication in an API-only ASP.NET Core Project