This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 94%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
I have an app, e.g. SL. It's running on Web Server using IIS.
SL has it's own authentication method.
I don't want that any user with SL account be able to login. I want only those accounts that have Windows Authentication.
My goal: 1. create account for SL for a few users 2. enable Windows Authentication in IIS 3. list those users in IIS
My expectation: only users listed in IIS will be able to login into SL
I don't want to change web.config directly.
Could I use the Authorization Rules option: (see attachment)
Thanks
Glad to here it was helpful.
--please don't forget to Accept as answer if the reply is helpful--
I wanted to add 'allow' and 'deny' Rules for Authorization but I don't see it on my Windows 2016 IIS 10.0
I do see it in Windows 2012 IIS 7.5.
How could I set Rules in IIS 10.0 ?
Thanks,