Chapter 15. Authorization: securing your application

This chapter covers

  • Using authorization to control who can use your app
  • Using claims-based authorization with policies
  • Creating custom policies to handle complex requirements
  • Authorizing a request depending upon the resource being accessed
  • Hiding elements from a Razor template that the user is unauthorized to access

In chapter 14, I showed how to add users to an ASP.NET Core application by adding authentication. With authentication, users can register and log in to your app using an email and password. Whenever you add authentication to an app, you inevitably find you want to be able to restrict what some users can do. The process of determining whether a user can perform a given action ...

Get ASP.NET Core in Action now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.