public IHttpActionResult ConfidentialsGet() { var authorizationHeader = GetAuthorizationHeaderValue(); if (!string.IsNullOrWhiteSpace(authorizationHeader)) { var authorizationHeaderValue = AuthenticationHeaderValue.Parse(authorizationHeader); if (CheckFormatOfAuthorizationHeader(authorizationHeaderValue)) { if (_credentialsRepository.ParseAndCheckBase64CredentialsString(authorizationHeaderValue.Parameter)) { return(Ok(true)); } return(Ok(false)); } } var resultAuthenticationHeader = new AuthenticationHeaderValue("WWW-Authenticate", string.Format("Basic realm=\"{0}\"", Realm)); return(Unauthorized(resultAuthenticationHeader)); }