Does ASP.NET Core's policy-based authorization require specific claim types in the token?

Time:09-06

I'm thinking about switching from role-based to policy-based authorization in my ASP.NET Core API.

I am currently using JWT to handle authorization, with the current user's role added to the access token as a ClaimTypes.Role. My guess is that the default [Authorize] attribute uses the ClaimsPrincipal.IsInRole() method to authorize requests, which in turn looks specifically at claims where the claim type equals ClaimTypes.Role.

Now if I switch over to policy-based authorization, I need to replace roles with permissions inside my access tokens. The question is, am I okay to continue adding those permissions to my token as ClaimTypes.Role, or should I be using a different ClaimTypes?

CodePudding user response:

There is no need to modify the ClaimTypes.Role; you could continue using it.

According to this article's description, I suggest you could use policy-based authorization, which will also check the role claim.

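builder.Services.AddAuthorization(options =>
{
    // RequireRole is evaluated through ClaimsPrincipal.IsInRole(), which reads the role claim.
    options.AddPolicy("AtLeast21", policy =>
        policy.RequireRole("")); // supply the role name to require here
});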
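The difference between a role-based and a claim-based policy requirement, as an added example that is not part of the original question or answer: `RequireRole` matches against whatever claim type the identity treats as its role claim, while `RequireClaim` matches an explicitly named claim type. The `permission` claim type, the `orders.delete` value, the policy names and the principals are constructed for illustration, and the program assumes a project that references the Microsoft.AspNetCore.App shared framework.

```csharp
using System;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.DependencyInjection;

const string PermissionType = "permission";   // assumed custom claim type
const string DeleteOrders = "orders.delete";  // assumed permission value

var services = new ServiceCollection();
services.AddLogging();
services.AddAuthorizationCore(options =>
{
    // Evaluated through ClaimsPrincipal.IsInRole(), i.e. against the identity's RoleClaimType.
    options.AddPolicy("DeleteViaRole", p => p.RequireRole(DeleteOrders));
    // Evaluated against the named claim type, independent of RoleClaimType.
    options.AddPolicy("DeleteViaClaim", p => p.RequireClaim(PermissionType, DeleteOrders));
});
using var provider = services.BuildServiceProvider();
var authz = provider.GetRequiredService<IAuthorizationService>();

// Constructed principals standing in for already-validated tokens.
static ClaimsPrincipal User(string claimType, string value, string roleType = ClaimTypes.Role) =>
    new ClaimsPrincipal(new ClaimsIdentity(
        new[] { new Claim(claimType, value) }, "Bearer", ClaimTypes.Name, roleType));

var users = new (string Label, ClaimsPrincipal Principal)[]
{
    ("permission sent as ClaimTypes.Role", User(ClaimTypes.Role, DeleteOrders)),
    ("permission sent as 'permission'", User(PermissionType, DeleteOrders)),
    ("'permission' with RoleClaimType remapped", User(PermissionType, DeleteOrders, PermissionType)),
};

foreach (var (label, principal) in users)
{
    foreach (var policy in new[] { "DeleteViaRole", "DeleteViaClaim" })
    {
        var result = await authz.AuthorizeAsync(principal, policy);
        Console.WriteLine($"{label,-42} {policy,-15} {(result.Succeeded ? "allow" : "deny")}");
    }
}
```

The third principal passes both policies because its identity names `permission` as the role claim type, so which claim type a token must carry depends on how the policy is written and on the identity's role claim type.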