Home > Net >  How to add AllowAnonymous when using MinimalAPIs?
How to add AllowAnonymous when using MinimalAPIs?

Time:08-26

How to allow anonymous access to an endpoint when using MinimalAPIs?

Assume I have the code below in the Program.cs file of a web app, using the Minimal API syntax:

app.MapGet("/hello", () => "world");

When using non-minimal syntax, we could allow anonymous access to an endpoint by decorating a controller with an [AllowAnonymous] attribute.

How would I perform the same when using the minimal syntax?

CodePudding user response:

You should be able to use AllowAnonymousAttribute on Minimal API handler too as described in the docs:

app.MapGet("/login", [AllowAnonymous] () => "This endpoint is for all roles.");

Or alternatively use the AllowAnonymous method from AuthorizationEndpointConventionBuilderExtensions:

app.MapGet("/login2", () => "This endpoint also for all roles.")
   .AllowAnonymous();

CodePudding user response:

When using the minimal syntax, you could use a chained method call as opposed to an attribute.

app.MapGet("/hello", () => "world").AllowAnonymous();

https://docs.microsoft.com/en-us/aspnet/core/fundamentals/minimal-apis?view=aspnetcore-6.0#allow-unauthenticated-users-to-access-an-endpoint

  • Related