24 Authorization: Securing your application

This chapter covers

Using authorization to control who can use your app
Using claims-based authorization with policies
Creating custom policies to handle complex requirements
Authorizing a request depending upon the resource being accessed
Hiding elements from a Razor template that the user is unauthorized to access

In chapter 23 I showed you how to add users to an ASP.NET Core application by adding authentication. With authentication, users can register and log in to your app using an email address and password. Whenever you add authentication to an app, you inevitably find you want to be able to restrict what some users can do. The process of determining whether a user can perform a given action ...

Get ASP.NET Core in Action, Third Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

ASP.NET Core in Action, Third Edition by Andrew Lock

24 Authorization: Securing your application

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly