Gerald Hughes
Reputation: 6159
Asp.NET Core use scopes from ADFS to authorize access to web api
Might be an idiotic question, but I cand validate scopes in order to authorize request access to different web apis.
As an user, i have some scopes validated by ADFS, and base on one or more scopes I want to have access to API.
This is what I've tried to add in ConfigureServices() from Startup.cs:
// Policies
services.AddAuthorization(options =>
{
options.AddPolicy("Read",
policy => policy.RequireClaim("Read")); // This is the scope
});
And my web api is decorated like this [Authorize(Policy = "Read")]
Even so I get 403, when i use the bearer token.
Upvotes: 1
Views: 1245
Answers (1)
Gerald Hughes
Reputation: 6159
Replace with this:
policy => policy.RequireClaim("scope", "Read")); // This is the scope
Apparently you have to tell it where to check the scope for.
Upvotes: 2
Related Questions
- calling Azure AD secured own Web API n with specific scope using daemon / console app
- ASP.NET Core Web API + Azure AD Authentication
- How to Authorize AD users with .Net Core
- Authorization with Asp.Net Core WebAPI
- ADFS single-sign on with ASP.NET Core web app and .NET Core API
- .net Core Api authentication with ADFS 2012
- ASP.NET core WEB API with AD FS authentication
- Authentication to ASP.NET Web Api using ADFS
- Implementing active directory authentication using web api and its scope
- Pass ADFS Token to a Service