I am supporting an ASP.NET Core 2.1 Web API which returns client data. This API is hosted on the company's intranet on an IIS server. As of now, there is no authentication and anyone on the company's intranet can access the API.
Recently there was a change in the requirement to split the current method on the API into three different methods.
The first method should be open to all intranet users and will return very few client details. The second method will be limited to a set of users belonging to the Active Directory group Ad-L1-Users. The third method will be restricted to users in the Active Directory group Ad-L2-Users.
This is my launchsettings.json file
{
"$schema": "http://json.schemastore.org/launchsettings.json",
"iisSettings": {
"windowsAuthentication": true,
"anonymousAuthentication": false,
"iisExpress": {
"applicationUrl": "http://localhost:51100",
"sslPort": 0
}
},
"profiles": {
"IIS Express": {
"commandName": "IISExpress",
"launchBrowser": true,
"launchUrl": "api/values",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
},
"BFApiDemo": {
"commandName": "Project",
"launchBrowser": true,
"launchUrl": "api/values",
"applicationUrl": "http://localhost:5000",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
}
}
}
Startup.cs:
/// <summary>
/// Application bootstrap. Registers the SQLite-backed data context, Windows
/// authentication, two role-based authorization policies and MVC, then builds
/// the request pipeline.
/// </summary>
public class Startup
{
    /// <summary>Stores the configuration handed in by the host.</summary>
    /// <param name="configuration">Application configuration; read for the connection string.</param>
    public Startup(IConfiguration configuration) => Configuration = configuration;

    /// <summary>Configuration supplied at construction time.</summary>
    public IConfiguration Configuration { get; }

    /// <summary>Registers the services the API depends on.</summary>
    /// <param name="services">The service collection to populate.</param>
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddDbContext<AppDbContext>(dbOptions =>
        {
            var connectionString = Configuration.GetConnectionString("DefaultConnection");
            dbOptions.UseSqlite(connectionString);
        });

        // Makes the IIS integration's Windows scheme the default authentication scheme.
        // NOTE(review): that scheme is supplied by the IIS / IIS Express integration. When
        // the app is started with `dotnet run` (the "Project" launch profile) it is not
        // hosted behind IIS, so presumably nothing backs the scheme and a challenge
        // cannot be issued. Confirm the hosting model before relying on these policies.
        services.AddAuthentication(IISDefaults.AuthenticationScheme);

        services.AddAuthorization(authOptions =>
        {
            // The policy NAME ("L1-Users") is what [Authorize(Policy = ...)] must reference;
            // the ROLE ("Ad-L1-Users") is the group the caller must belong to.
            // NOTE(review): with Windows authentication the group may need to be
            // domain-qualified (DOMAIN\group). Verify against the directory.
            authOptions.AddPolicy("L1-Users", builder => builder.RequireRole("Ad-L1-Users"));
            authOptions.AddPolicy("L2-Users", builder => builder.RequireRole("Ad-L2-Users"));
        });

        var mvc = services.AddMvc();
        mvc.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
    }

    /// <summary>Builds the HTTP request pipeline.</summary>
    /// <param name="app">The application builder the middleware is added to.</param>
    /// <param name="env">The hosting environment, used to gate development-only middleware.</param>
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        // The developer exception page renders exception details in the response,
        // so it is enabled only when the environment is Development.
        var isDevelopment = env.IsDevelopment();
        if (isDevelopment)
        {
            app.UseDeveloperExceptionPage();
        }

        // Authentication is added before MVC so that it runs ahead of the
        // [Authorize] checks performed inside MVC.
        app.UseAuthentication();
        app.UseMvc();
    }
}
I am using the Authorize attribute on the action method as below:
// NOTE(review): the policy name given here must match a name registered through
// AddPolicy. The Startup class shown above registers "L1-Users" and "L2-Users";
// "Ad-L1-Users" is the role passed to RequireRole, not a policy name, so as written
// this attribute does not match either registered policy. Confirm which is intended.
[Authorize(Policy = "Ad-L1-Users")]
When I run the application from the command prompt using dotnet run and hit the endpoint, I get this exception:
System.InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found.
Am I missing anything? I am using Visual Studio Code for development and running the API on my local machine. I am not using Azure AD.