Support us .Net Basics C# SQL ASP.NET Aarvi MVC Slides C# Programs Subscribe Download

Claim type and claim value in claims policy based authorization in asp.net core

Suggested Videos
Part 95 - Role based authorization vs claims based authorization in asp.net core | Text | Slides
Part 96 - Authorization in views in asp.net core mvc | Text | Slides
Part 97 - Change AccessDenied route in ASP.NET Core | Text | Slides

In this video we will discuss using both the claim type and claim value in policy based authorization in asp.net core mvc.

Consider the following Authorization policy. To satisfy this policy the loggedin user must have Edit Role claim. At the moment we are not checking for any value.


services.AddAuthorization(options =>
{
    options.AddPolicy("EditRolePolicy",
        policy => policy.RequireClaim("Edit Role"));
});


Most claims come with a value. To satisfy this policy the loggedin user must have Edit Role claim with a value of true.

services.AddAuthorization(options =>
{
    options.AddPolicy("EditRolePolicy",
        policy => policy.RequireClaim("Edit Role", "true"));
});

A list of allowed values can also be specified. To satisfy the following policy the loggedin user must have Country claim with a value of USA, India, or UK

services.AddAuthorization(options =>
{
    options.AddPolicy("AllowedCountryPolicy",
        policy => policy.RequireClaim("Country", "USA", "India", "UK"));
});

ClaimType comparison is case in-sensitive where as ClaimValue comparison is case sensitive.

asp.net core tutorial for beginners

No comments:

Post a Comment

It would be great if you can help share these free resources