Should RoleClaimType be mapped to roles by default?
See original GitHub issueI noticed that in the latest version I cannot add validation for a role as a C# attribute to an MVC controller anymore. Instead I have to add a line in the controller action.
I would still like to be able to use this syntax
[Authorize("role")]
MyController
{
...
instead of
HttpContext.ValidateAppRole("role")
Would this be possible in the future? Or do I have to implement an attribute myself?
Issue Analytics
- State:
- Created 3 years ago
- Comments:6 (2 by maintainers)
Top Results From Across the Web
Mapping, customizing, and transforming claims in ASP. ...
The claims can be mapped using the TokenValidationParameters property and set to any claim as required.
Read more >Implement app roles authorization with Azure AD and ASP ...
This post shows how to implement Azure AD App roles and applied to ... The roles and the name can should also be...
Read more >User Roles - Microsoft Q&A
By default, the claims mapping will map claim names in the old format to accommodate older SAML applications.
Read more >Why does the role claim have incorrect type?
RoleClaimType) returns an empty list, even though I have proper roles assigned. This is I guess, because -- according to the debugger --...
Read more >Dealing with claim types map — Balea 1.0.0 documentation
Configure the claim types map¶. By default, Balea asummes you are within Microsoft roles world. So, Balea will map roles from the authentication...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
This is now documented in https://github.com/AzureAD/microsoft-identity-web/wiki/Web-APIs#verification-of-scopes-or-app-roles-in-the-controller-actions
@molntamas yes, please specify the roles explicitly.
Closing, but please reopen if needed.