I've built a PersonaBar endpoint out for returning data needed in the custom personabar admin page I've created. My javascript service looks like:

const sf = this.getServiceFramework()<br>sf.get("?" + serializeQueryStringParameters(searchParameters), {}, callback, errorCallback);

This returns a 401. When checking the headers being sent, it sets the TabId and auth token but does not set the ModuleId. If I manually set the ModuleId on the way out:

const sf = this.getServiceFramework(); sf.get("?" + serializeQueryStringParameters(searchParameters), {}, callback, errorCallback, null, function (xhr) { xhr.setRequestHeader("ModuleId", "446"); });

It works just fine, returning a 200 and the data as expected. This is just an inconvenient hack and breaks if I am on a different page (tabID).

Here is my controller code:

public class ProductStylesController : PersonaBarApiController <br>{ <br> [DnnModuleAuthorize(AccessLevel = SecurityAccessLevel.Anonymous)] <br> [HttpGet] <br> public HttpResponseMessage Index([FromUri]int pageIndex = 0, [FromUri]int pageSize = 10) <br> { <br> ... <br> return Request.CreateResponse(HttpStatusCode.OK, new GridResultsDto<ProductStyleGridViewModel>()); <br> ... <br> } <br> }

Why is the controller returning a 401? How can I get it to accept requests without the ModuleId header?