Windows authentication: HTTP ERROR 500

We’ve just started to enable windows authentication on our instances, and I can’t figure out how to make it consistently work. Indeed, SSO is not working at the moment, but i manage to get a windows’ login popup, upon logging in everything is working fine. But if i restart the browser, i can’t get to the page anymore, and get error 500. The log contains
System.InvalidOperationException: An anonymous request was received in between authentication handshake requests.

It turns out I get the popup again if I clear the browser’s cache.

I’ve created SPN entries for the service account running PSU (it is a group managed service account).

We’re running version 4.0.10.

I’m a clueless for now… there seem to be way to run PSU in an IIS setup, perhaps that would be advisable?

FYI, manage to sort this out by confirming windows authentication was on in the appsettings.json. there was no mention of authentication in it, adding the authentication.ps1 alone didn’t work