CodeScrat

Reputation: 43

Set Authorization Policy from roles stored in JWT

I have set up an ASP.NET Core 3.1 API application which grants the tokens to users.

Users may have multiple roles. The JWT contains these roles under the claim "Role":

Role: ["Finance", "Manager"]

Authentication works, but I am trying to set up authorization, using:

services.AddAuthorization(options =>
{
    options.AddPolicy("Admin", policy => policy.RequireRole("Admin"));
});

My problem is that this policy has to read the existence of "Admin", which is part of the "Role" claim. How can I make a policy that looks for an element in a claim array? I have tried RequireClaim and also tried to chain it, as in policy.RequireClaim("Role").RequireClaim("Admin"), to no avail.

Upvotes: 1

Views: 416

Answers (1)

CodeScrat

Reputation: 43

I solved it by this overload:

services.AddAuthorization(options =>
{
    options.AddPolicy("Admin", policy => policy.RequireClaim("Roles", "Admin"));
});

Upvotes: 2
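Added example, not part of the original question or answer: a console program using only System.Security.Claims that models the difference between the RequireRole policy in the question and a claim-type-plus-value check like the one in the answer. It assumes the JWT handler emits one claim per element of the array claim; the helper names (FromToken, RequireClaim, RequireRole) and the sample roles are constructed for illustration, and the claim name "Role" is the one given in the question.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

static class RolePolicyDemo
{
    // Assumption: a JSON array claim such as Role: ["Finance", "Manager"]
    // reaches the application as one Claim per array element.
    static ClaimsPrincipal FromToken(string claimName, string[] values, string roleClaimType)
    {
        var claims = values.Select(v => new Claim(claimName, v));
        // The fourth argument is the identity's RoleClaimType; with JWT bearer
        // authentication it is set through TokenValidationParameters.RoleClaimType.
        var identity = new ClaimsIdentity(claims, "Bearer", ClaimTypes.Name, roleClaimType);
        return new ClaimsPrincipal(identity);
    }

    // Mirrors policy.RequireClaim(type, allowedValues): succeeds when ANY claim of
    // that type carries an allowed value. Type match ignores case, value match does not.
    static bool RequireClaim(ClaimsPrincipal user, string type, params string[] allowed) =>
        user.Claims.Any(c =>
            string.Equals(c.Type, type, StringComparison.OrdinalIgnoreCase) &&
            allowed.Contains(c.Value, StringComparer.Ordinal));

    // Mirrors policy.RequireRole(role): IsInRole only looks at claims whose
    // type equals the identity's RoleClaimType.
    static bool RequireRole(ClaimsPrincipal user, string role) => user.IsInRole(role);

    static void Main()
    {
        var roles = new[] { "Finance", "Admin" }; // constructed sample token content

        // Identity built with the default role claim type (ClaimTypes.Role),
        // while the token's roles sit under the custom claim name "Role".
        var user = FromToken("Role", roles, ClaimTypes.Role);
        Console.WriteLine($"RequireRole(Admin), default role type: {RequireRole(user, "Admin")}");
        Console.WriteLine($"RequireClaim(Role, Admin):            {RequireClaim(user, "Role", "Admin")}");
        Console.WriteLine($"RequireClaim(Role, admin):            {RequireClaim(user, "Role", "admin")}");

        // Same claims, but the identity is told that "Role" is its role claim type.
        var mapped = FromToken("Role", roles, "Role");
        Console.WriteLine($"RequireRole(Admin), RoleClaimType=Role: {RequireRole(mapped, "Admin")}");
    }
}
```

Because the value comparison is case-sensitive, the role string issued in the token and the one named in the policy must match exactly; a mismatch denies access rather than granting it.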
