When a server responds with multiple WWW-Authenticate headers using different algorithms (MD5 and SHA-256), Postman selects algorithm="SHA-256" but incorrectly uses the nonce from the MD5 challenge.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback