Simple role based authorization with Microsoft Entra ID in ASP.NET Core | HOW TO - Code Samples

#coding #codingbootcamp #softwaredeveloper #CodeYourFuture

This video describes steps required to configure and implement role based authorization using the Microsoft Identity Platform. We’re going to

- Configure Authentication and Authorization in Microsoft Entra ID

- Build simple ASP.NET Core Minimal API app that’s secured both with authentication and app role based authorization

-Authenticate in Postman by creating a new OAuth2 access token to test the API

Use Postman for testing
Finally we use Postman to test our API endpoints. Since those are protected we need to sign in first in Entra ID, acquire an OAuth2 access token and use this in the authorization header of our http requests.

With the token acquired we can now call our demo app locally and test if roles are enforced correctly.

App Roles in Microsoft Entra ID provide an easy way to implement role based authorization for simple scenarios. The Microsoft Identity Platform with it’s open source libraries make it simple to implement authentication and authorization to protect APIs in ASP.NET Core. Postman can be used it request OAuth 2.0 access tokens from Microsoft Entra ID facilitating testing protected APIs.