JohnKim
Reputation: 1
how to display controllers dynamically in web api based on user/credentials
I have a web api with four controllers.From the four controllers,i need to give a user access to only that one controller but ensure other users are able to access the remaining controllers.
I have used [ApiExplorerSettings(IgnoreApi = true)] attribute but wanted to have a better way to manage the controllers dynamically.The web api is accessed by two different users and i want one of the users to access only a certain controller only.Any idea how to do this?
Upvotes: 0
Views: 354
Answers (1)
David
Reputation: 219047
You can specify users and roles in the Authorize attribute on your controllers and actions. For example:
// Restrict by user:
[Authorize(Users="Alice,Bob")]
public class ValuesController : ApiController
{
}
// Restrict by role:
[Authorize(Roles="Administrators")]
public class ValuesController : ApiController
{
}
These can be places at the class level or at the action method level.
Upvotes: 1
Related Questions
- Web API Controller Authorization with parameters
- ASP.Net WebApi: How to load additional controllers at runtime
- Accessing a restricted Web API controller when the Web API is part of a MVC Web App?
- How do I implement session aware WEB API on specific controllers?
- Web API controller and MVC controller - Authentication
- ASP.Net MVC Custom Authorization for Web API
- asp.net webapi dynamic authorization
- How to separate authorization logic from controller action?
- WebApi and Controller Authentication
- How to use an authorized username in other controllers