How to hide login prompt for Sharepoint 2016 admin URL's (via internet) when anonymous user try to a

Copper Contributor

I have built a public website via SharePoint 2016 and have enabled anonymous user access to it. But the issue is, if an anonymous user tries to access an admin link a login prompt pops up. How could i only show the login prompt if the request comes only with in an intranet. I have tried many solutions from google results but with no success. Any help would be greatly appreciated.

7 Replies
Not sure If I follow you here: if anonymous access has been enabled in the site, the credentials prompt should not show up to the user unless he/she is trying to access a resource that requires permissions

Hi @nawazpa_ 

What would be the desired effect?

What would you like to happen at the click of one of these links?

Could you please give us an example of a link that generates the authentication popup?





Yes, you are right. If a user tries Sharepoint admin URL like _layouts and tries to access it, then the login prompt comes. But i don't want the popup to be displayed if a user tries to access the admin URL's from internet. I hope i am clear enough.

Hi @Fed


Yes exactly , if an anonymous user tries a link like '_layouts/15/settings.aspx?' an authentication popup shows. I need it to be hidden if tried from internet and only want windows authenticated users to access those links. I hope i am clear enough. 

Hi @nawazpa_ perfect :)

You can't prevent to show authentication popup, but you can hide links from masterpage (ie ribbon, settings) or from page layout.

You need to use SPSecurityTrimmedControl class 


Make a copy of the MasterPage, or modify your current MasterPage, and wrap all parts you need to "hide" to Anonymous users with this snippet


<SharePoint:SpSecurityTrimmedControl runat=”server” AuthenticationResctriction="AuthenticateUsersOnly">
[here there are features you need to show only for Authenticated people]


You can already put some feature you need only for Anonymous users

<SharePoint:SpSecurityTrimmedControl runat=”server” AuthenticationResctriction="AnonymousUsersOnly ">
[here there are features you need to show only for Authenticated people]






Hi @Federico Porceddu ,


Thanks a lot for your help. These guys ( seem to have done it some how - showing 'unauthorized' page directly without the login prompt. Any idea how they have done it. It would be a great help.





Hi @nawazpa_ 

welcome :)

In this case, it is a production environement with a publishing site, more likely a cross publishing sites, without needs of authentication for users (es document library, etc).

You need to remove Windows Authentication from authentication providers of your Webapplication, but in this way, you can't access as authenticated user in no case.

Every time you need to modify your site, you must change authentication providers.

Let me know.