Understanding Role-Based Access Control with ASP.NET Web APIs | .NET Conf 2023

When you're building an application and want to restrict access to resources and information for different kinds of users, Role-Based Access Control (RBAC) is one of the best, most structured models you can implement. One of the simplest ways to achieve RBAC in web APIs is by leveraging JSON Web Tokens (JWTs) and adding roles as claims.

In this session, join in as we discuss the importance of API security and how you can use JWTs to implement the RBAC pattern in an ASP.NET Web API and better secure your API endpoints.

#dotnet
Comments

Your passion for your work is contagious.

acodersjourney

31:19-31:43 The recording screen froze and we don't know what you were doing

tmo

Worst stream quality yet, very unfortunate. :(

pyce.

Tried my best but had to give up after 10 minutes. Even with subtitles it's very hard to understand the speaker. I know he is not a native English speaker, but in that case don't make him do the presentation.

krneki

Besides the quality of the stream itself, it is - compared to all other .NET Conf sessions - the worst and most useless session. It has no relation to OIDC / OAuth. Who builds a register/login API with username/password these days?
The session should focus on how to enrich the HttpContext.User with claims from different sources and how to in turn apply that to authPolicies used in controller or minApi endpoints.

michaelpropster