If I have two .NET Core WebApi controllers, AdminController and UserController (in one project), and both require authorization, then how can I set them as 2 scopes in IdentityServer4 so that an Admin user would have access to both controllers, but a simple user could not access the Admin controller, only the simple user controller? My client is of Angular 2 type. And is there any example where role-based authorization is also shown? Thanks, Maverick
Role based Authorization on WebApi Controllers in IdentityServer4?
1.4k Views Asked by Dany At
Not the definitive answer to your question probably (since it doesn't involve 2 scopes) - but it might lead you somewhere.
I'm assuming you're using the TokenValidation middleware, and that your API is set up using IdentityServerAuthentication.
You can have a role claim, which indicates what role the user has (i.e. user, admin). Then you can put up a check on the role for the admin API using the `[Authorize(Roles="admin")]` attribute, and for the user API, just use `[Authorize]`, which ensures that a user is logged in, or specify both roles as a comma-separated list (`[Authorize(Roles="admin,user")]`) if needed, i.e.:
Here is a link to the docs on the Authorize attribute for .net Core:
https://learn.microsoft.com/en-us/aspnet/core/security/authorization/roles
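The setup this answer describes, written out as an added example (not code from the answer or from the IdentityServer4 project). It assumes ASP.NET Core 2.x with the IdentityServer4.AccessTokenValidation package; the API name `api1`, the authority URL and the routes are placeholders.

```csharp
using IdentityServer4.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;

// IdentityServer project: request that the user's "role" claim be included
// in access tokens issued for this API ("api1" is a placeholder name).
public static class Config
{
    public static ApiResource[] ApiResources() => new[]
    {
        new ApiResource("api1", "Admin and user API") { UserClaims = { "role" } }
    };
}

// API project: validate bearer tokens issued by IdentityServer.
public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc();
        services.AddAuthentication("Bearer")
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority = "https://localhost:5000"; // placeholder URL
                options.ApiName = "api1";
                // Claim type that [Authorize(Roles = ...)] / User.IsInRole reads.
                options.RoleClaimType = "role";
            });
    }

    public void Configure(IApplicationBuilder app) => app.UseAuthentication().UseMvc();
}

[Route("api/admin")]
[Authorize(Roles = "admin")] // only tokens carrying role=admin
public class AdminController : Controller
{
    [HttpGet] public IActionResult Get() => Ok("admin only");
}

[Route("api/user")]
[Authorize] // any authenticated caller, admin included
public class UserController : Controller
{
    [HttpGet] public IActionResult Get() => Ok("any signed-in user");
}
```

With this in place, a token whose `role` claim is `user` gets 403 from `api/admin` and 200 from `api/user`, and a request without a token gets 401 from both. A comma-separated `Roles` list is an OR: the caller needs any one of the listed roles.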