You are not authorized to view this page due to invalid authentication headers.

I have been working through an authentication issue and making changes to IIS to debug the problem and then ran into the following IIS error:

HTTP Error 401.2 - Unauthorized

You are not authorized to view this page due to invalid authentication headers.

It took me a while to figure out what the problem was and in the end the cause was already listed in the “Most likely causes” section of this error page:

Most likely causes:

• No authentication protocol (including anonymous) is selected in IIS.
• Only integrated authentication is enabled, and a client browser was used that does not support integrated authentication.
• Integrated authentication is enabled and the request was sent through a proxy that changed the authentication headers before they reach the Web server.
• The Web server is not configured for anonymous access and a required authorization header was not received.
• The "configuration/system.webServer/authorization" configuration section may be explicitly denying the user access.

My issue is that I had been debugging an issue with Windows Authentication and I had disabled Anonymous Authentication and enabled Windows Authentication for this website in IIS (I know you are not supposed to have both Forms Authentication and Windows Authentication enabled at the same time... this was for a test). 

When I had finished I thought I had reset everything back but I forgot to enable Anonymous Authentication.  Just enabling Anonymous Authentication resolved the issue.