Soap NTLM Authentication using the new Extensibility API

Good day!

Since the SetWebReferenceCredencials has now been deprecated, may I kindly ask on how to do the NTLM authentication using the new Extensebility API?

I tried using the AddHTTPHheader_ToRequest() server action of the SoapExtensibilitySamples extension with the below values:

Name: Authorization


Then I received a HTTP 400 Bad request error.

I was able to run the method via SOAPUI andread some documentation that NTLM executes a authorization challenge process.

I'm puzzled on how to do this using the Extensibility API. Apologies as well I'm not an expert with C#.

Also, I encountered this during some of my tests:

My last resort will be using the SetClientCertificate() server action but I'm wondering if there is another way.

Thank you for your kind understanding and patience.



I have not done this for NTLM, but i do have experience using a X509 certificate. 

you basically need to add the security yourself, with the help of an extension.

For certificates, read:

For Headers, read:

I hope this helps you a bit on your way to a solution.

Hi Stefano,

Good morning!

Thank you for your suggestion.

I was able to push thru by adapting some of the C# code based on the SetCertificateAuthentication of the extensibility api. I tweaked it a bit in line with the NTLM authentication scheme and created an extension.

Thank you and kind regards,


Hi Christopher,

We are facing the same problem calling a SOAP webservice that requires NTLM authentication.  It would be great if you could share some more details on how you solved this in the extension (or the extension itself maybe?).
It would help us a lot and maybe would be useful as well for any others that stumble on this post looking for a solution.

Best regards,


I gave it a try myself and it ended up not being that hard.
I added the code as an attachment to this post if anyone needs it.



Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.