Good day!
In case anyone else is running into this issue, here is what I had to do:
Navigate to %windir%\system32\inetsrv\config on the webserver and open the following file: applicationHost.config
In the security setting section, change the 'anonymousAuthentication' to 'Allow' as shown below
<sectionGroup name="security">
<section name="anonymousAuthentication" overrideModeDefault="Allow" />
In addition, since we were using a private SSL cert, we had to add the root CA cert to the system we want to use the API.
Hope this helps.
