We use Basic Auth for the login system of our web product. Normally, when an Api call is made from the web and no authentication is present, the browser (Chrome, Firefox, or IE) would prompt for a Windows Security alert or pop up to ask for the user to login.

In Fiddler using Chrome, it will show Pending requests, and an alert to login. I log in and all api requests receives a 200. OK

In Fiddler using IE, it will show multiple 401 errors, and then a Windows Security pop up. I login, and then subsequent 200 requests for all api calls would follow automatically. OK

The problem: In Fiddler using Edge, it will show multiple 401 errors, and then a Windows Security pop up will appear. I login with the correct credentials, one call will use that authentication and receive a 200. But then another pop up will appear, so i login with my credentials, and another call will use that authentication and receive a 200. Do this enough times for all subsequent calls, and I'll finally be able to use the website.

If I reload Edge afterwards (without closing it), all calls will receive the 200 right away.

I do not know why Edge doesn't seem to cache the authentication after the first call is authenticated. I cannot find any issue similar to this in Microsoft Issue Tracker. I doubt I am the only one going through this if it is normal. So I must have set something wrong.

I've checked every authentication combination in IIS for both my api and website. So any other suggestion is highly appreciated.