Brick wall

Protecting your API endpoints with dynamic policies in ASP.NET Core

This is the third post in the Authorization in ASP.NET Core series. Part 1: Using a middleware to build a permission-based identity in ASP.NET Core Part 2: Deep dive into policy-based authorization in ASP.NET Core Part 3: Protecting your API endpoints with dynamic policies in ASP.NET Core (this post) In this post, we’ll come full circle. I’ll show you how to put everything together and start authorizing API endpoints with permissions....

March 31, 2021 · 14 min · Joao Grassi
Blue jelly fishes in deep ocean

Deep dive into policy-based authorization in ASP.NET Core

This is the second post in the Authorization in ASP.NET Core series. Part 1: Using a middleware to build a permission-based identity in ASP.NET Core Part 2: Deep dive into policy-based authorization in ASP.NET Core (this post) Part 3: Protecting your API endpoints with dynamic policies in ASP.NET Core In the previous post, we set the foundation by creating a ClaimsIdentity containing all the logged-in user permissions with the help of a custom middleware....

March 15, 2021 · 14 min · Joao Grassi
No trespassing sign

Using a middleware to build a permission-based identity in ASP.NET Core

This post is the first in a series about Authorization in ASP.NET Core. I’ll guide you through a series of approaches you can use to implement authorization in your ASP.NET Core APIs, focusing on advanced/real-world scenarios. Here’s a sneak peek for what I plan to show you: Where to store and resolve authorization-like data How to protect your API endpoints using permission-based authorization using the built-in types in the framework Reduce duplication and make things smarter by implementing a custom Authentication Handler....

March 6, 2021 · 11 min · Joao Grassi