This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 83%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Hi there,
I have SharePoint 2019 updated with latest patch and people are using OneDrive onprem. We don't have hybrid setup everything is on prem.
By default all API access is enabled for users and I think by product it should be open. But can we _vti_bin /_api access to user ?
I have disabled it from web.config, everything seems perfect but its popping user credential first time and its working if you click cancel, but again prompting password if you enter the credential. So this is loop if you enter the credential then it will ask password else no.
I have use developer tool from web and allowed only required API after that it is not popping password on web browser. But still popping password in OneDrive Client.
Anyone has any clue, How we can disable API/vti_bin or allow only required API ?
Modifying _vti_bin ACLs is not supported.
Hi @Mahadev Prasad ,
Both of OneDrive Client and SharePoint backend have request with _vti_bin path, you can trace with Fiddler.
And there is no settings which chould disable specific asmx in _vti_bin, so it's not suggested to disable it from web.config
Thanks
Best Regards
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.