
I am developing an ASP.NET Web API application with Identity 2.0 Bearer authentication. I have configured bearer authentication and implemented a SignIn method, so that when I pass the header:

Authorization: Bearer uGjAWZA1nPc1AqPuKpAzPhb989SYbtGd...

It works normally. I can call User.Identity.GetUserId() or User.Identity.GetUserName(). I can even check whether the user is in some role, and that also works well.

What doesn't work is the [Authorize] attribute. When I specify roles, like [Authorize(Roles = "Admin")], it returns:

{
    Message: "Authorization has been denied for this request."
}

Any thoughts?

1 Answer

Have you added the Role claim when creating your identity?

userIdentity.AddClaim(new Claim(ClaimTypes.Role, "Admin"));

1 Comment

Excellent! What if one day an admin changes the role for a user? In that case the user will no longer be an Admin, but he will be able to use admin resources. How to handle this?
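
An added example, not part of the original answer or comment: a console sketch of why an identity can be authenticated, expose its id and name, and still fail [Authorize(Roles = "Admin")]. WouldAuthorize is a hypothetical helper that approximates the attribute's role test with ClaimsPrincipal.IsInRole; the user id, user name and the custom "role" claim type are constructed sample values.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

static class RoleClaimDemo
{
    // Approximates the test behind [Authorize(Roles = "...")]: the caller must be
    // authenticated and IsInRole must succeed for at least one listed role.
    static bool WouldAuthorize(ClaimsPrincipal user, string roles)
    {
        var wanted = roles.Split(',').Select(r => r.Trim()).Where(r => r.Length > 0);
        return user.Identity != null
            && user.Identity.IsAuthenticated
            && wanted.Any(user.IsInRole);
    }

    // Builds an identity as a hand-written SignIn might. The id, name and
    // "Bearer" authentication type are constructed sample values.
    static ClaimsPrincipal BuildUser(params Claim[] extraClaims)
    {
        var identity = new ClaimsIdentity("Bearer");
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, "42"));
        identity.AddClaim(new Claim(ClaimTypes.Name, "alice"));
        identity.AddClaims(extraClaims);
        return new ClaimsPrincipal(identity);
    }

    static void Main()
    {
        // Authenticated, id and name readable, but no role claim at all.
        var noRole = BuildUser();
        // Role claim stored under the identity's default RoleClaimType.
        var withRole = BuildUser(new Claim(ClaimTypes.Role, "Admin"));
        // Role stored under a custom claim type that IsInRole does not
        // consult unless the identity is constructed with that roleType.
        var wrongType = BuildUser(new Claim("role", "Admin"));

        Console.WriteLine("no role claim      : " + WouldAuthorize(noRole, "Admin"));
        Console.WriteLine("ClaimTypes.Role    : " + WouldAuthorize(withRole, "Admin"));
        Console.WriteLine("custom 'role' type : " + WouldAuthorize(wrongType, "Admin"));
    }
}
```

Only the identity carrying a ClaimTypes.Role claim passes the check. Because the check reads the claims carried by the identity, the roles it sees are the ones placed there when the identity was built.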
