Restricting endpoints with Claims | ASP.NET Core 5 REST API Tutorial 17

This series are fantastic...finally understanding the claims concept in a clear and easy way...thanks!

dloperab

Thank you SO much for this. I was trying to manually pull claims out of the JWT instead of by policy. This is so much easier!

jamesbest

Not sure if this is helpful, but another way of doing it, and may help those who struggle to understand, is if you are not using the inbuilt userManagement classes like me, you can simply create a new field in your model/database for your user and call it "CanViewTags" or something and make it boolean. So when the claims are being added simply add a line of: new Claim("tags.view", user.CanViewTags.ToString()); instead of Nick's changes to the claims manager. Obviously you will need some code that sets the flag in CanViewTags, but that is entirely up to you, how to do it, you can simply set it to true when the user is created, which is effectively what Nick is doing. i.e. on create user just set User.CanViewTags = true;

HoleyMoleyAlex

Thanks for making things clear so far, I have gained quite a lot up till this point.

However, I'll need a link to the source code as it's a little difficult continuing. The initial link is no longer available.

I'll appreciate your response, thanks.

temitayoadesugba

I really do enjoy the series and appreciate all the effort you put into the tutorial, keep it up. And could you mind make some tutorial deep dive into entity framework, how it compares with stored procedure DA layer?

MinhNguyen-tfbq

Hi! Thank you for your videos i watched them all and this REST API tutorial is great.
Remark for this video:
You shouldn't modify the source code whitout showing that.
It took a little time to modify the project to be like yours.

patrikfajnar

Can we Show required OAuth scopes on each endpoint in .net core. The API I am documenting has a lot of scopes available. However, a single endpoint usually only requires one scope. Currently I am able to show all scopes the API has. It would be great to know which individual scopes are required per endpoint.

priyankasingh-dlop

Hi Nick, I'am watching these JWT videos and wondering is there a way plug in Facebook Log-in?
Great Videos!

mariozee

This series is cool man. If only you could please make the recording clearer. The fonts are way too small to see the code so I just follow mentally. Please 🙏🙏

bayobizzle

Hi Nick, that is possible with NET Framework 4.6.1?

patriciourbieta

Are claims safe enough to authorize credit card (payed) content?

CamiloHinojosa

=> xx.Post).HasKey(x => new { x.PostId, x.TagName });
Can you please explain what is this line of code doing?

malikehsan

Excuse me you add Tag class and tagcontroller kindly show where it was added in your tutorial in order to get back on track

abidemiahmmed

Did not understand a single things of this video

sefatanam

You're moving far too fast for this to be a tutorial. You move around in the Swagger UI too fast. You don't zoom into the areas you're focused on. Why are you adding and configuring services in MvcInstaller.cs instead of Startup.cs? Shit's just weird with no explanation.

OldTruthSeeker