Closed akaNico closed 5 years ago
OK, I resolved it. The method GenerateEncodedToken on JwtFactory does not add the user role claims (ClaimTypes.Role). This makes the Authorize attribute useless. Now, for the architecture of your projects, it is not easy to bring the roles into the JwtFactory to add the requested claims. But this is the cause of the issue.
Bye
Hi, I tried to add a new policy based on Roles, so in the AddAuthorization lambda expression I added the following line:
options.AddPolicy("ApiSuperAdmin", policy => policy.RequireRole(UserRoles.Superadmin));
Then I created a new action in the ProtectedController and changed the Authorize attribute to use the new policy:
[Authorize(Policy = "ApiSuperAdmin")]
Now when I call the previous action the API returns 200, but when I try to call the new action protected by the new policy the API returns 403. It seems like the system is not able to understand the new policy. Could you help me find a solution? Thank you.
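
The cause named in the resolution comment above (a token issued without ClaimTypes.Role claims cannot satisfy RequireRole), shown as an added example that is not part of the original thread or the project's code. It assumes the System.IdentityModel.Tokens.Jwt NuGet package; IssueToken and PassesRoleCheck are hypothetical helpers, and the key, issuer, audience, user and role values are constructed sample data.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

// Constructed demo values: key, issuer and audience are sample data only.
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("constructed-demo-key-at-least-32-bytes-long!"));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var validation = new TokenValidationParameters
{
    ValidIssuer = "demo-issuer",
    ValidAudience = "demo-audience",
    IssuerSigningKey = key,
    RoleClaimType = ClaimTypes.Role   // claim type that IsInRole / RequireRole inspects
};

// Hypothetical stand-in for a token factory that receives the user's roles.
string IssueToken(string userName, IEnumerable<string> roles)
{
    var claims = new List<Claim> { new Claim(JwtRegisteredClaimNames.Sub, userName) };
    // One ClaimTypes.Role claim per role. A token issued without these
    // is the situation described in the issue.
    claims.AddRange(roles.Select(r => new Claim(ClaimTypes.Role, r)));
    var jwt = new JwtSecurityToken("demo-issuer", "demo-audience", claims,
        notBefore: DateTime.UtcNow, expires: DateTime.UtcNow.AddMinutes(5),
        signingCredentials: creds);
    return new JwtSecurityTokenHandler().WriteToken(jwt);
}

// Validates the token, builds the ClaimsPrincipal, and performs the
// IsInRole check that a RequireRole policy depends on.
bool PassesRoleCheck(string token, string role)
{
    var principal = new JwtSecurityTokenHandler().ValidateToken(token, validation, out _);
    return principal.IsInRole(role);
}

var withoutRoles = IssueToken("alice", Array.Empty<string>());
var withRoles = IssueToken("alice", new[] { "Superadmin" });

Console.WriteLine($"no role claims : {PassesRoleCheck(withoutRoles, "Superadmin")}");
Console.WriteLine($"with role claim: {PassesRoleCheck(withRoles, "Superadmin")}");
```

Both tokens validate (signature, issuer, audience, lifetime), which matches the 200 on the action protected only by authentication; only the token carrying the role claim passes the role check.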