While not an issue in most environments, forcing authentication on BusinessProcessInvoke.ashx to one auth mode resolves the issue.
  1. On the web server, locate the web.config file located in the ..\bbappfx\vroot folder
  2. Open the web.config in notepad or any other text editor
  3. Search the file for <location path="BusinessProcessInvoke.ashx">
  4. In the "authentication" node of this location path there typically two child nodes called "windowsAuthentication" and "basicAuthentication"  leave one set true and switch the other to false.
  5. For one site, the following worked by changing enabled to false for basicAuthentication:

    <location path="BusinessProcessInvoke.ashx">
     <system.webServer>
      <security>
       <authentication>
        <windowsAuthentication enabled="true" authPersistSingleRequest="false" />
       
        <basicAuthentication enabled="false" />
       </authentication>
      </security>
     </system.webServer>
    </location>
NOTE: Changing the web.config will cause the application pool to recycle.  This will cause a brief outage of the application and should be done with no actively running business processes.  Ensure to create a copy of the web.config file before modification.