Some Endevor users are unable to login to Endevor web interface, they are valid Endevor users and can perform the package actions, they also have READ access to the APPL class ENDEVOR profile. 

Endevor web service is APIML enabled. 

The Web interface login screen shows "Invalid credential or user not authorized" 

The web interface log shows:

Service Request: request 'performPOST' to 'https://host:7554/gateway/api/v1/auth/login' completed with status: 401 UNAUTHORIZED

Endevor V19

ZOWE v2.18

ZOWE.yaml has the following setting:

components:

  # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  gateway:
    enabled: true
    port: 7554
    debug: false
    apiml:
      security:
        auth:
          provider: zosmf
          zosmf:
            jwtAutoconfiguration: auto
            serviceId: zosmf

Since components.gateway.apiml.security.auth.provider is set to zosmf,  according to ZOWE document:

Each TSO user ID that logs on to Zowe and uses Zowe services that use z/OSMF requires permission to access these z/OSMF services. It is necessary that every user ID be added to the group with the appropriate z/OSMF privileges, IZUUSER or IZUADMIN (default).

Granting users permission to access z/OSMF

Then login to web interface.