Feature/use any id server for admin area (#232)

* initial commits around using any id servers * add your own id server for admin area * lots of refactoring, now instead of injecting IWebHostBuilder we just set the Ocelot base url as a configuration extension method..this means people can pass it in on the command line aswell as hardcode which is OK I guess, also can now use your own IdentityServer to authenticate admin area * updated docs for #231 * some tests that hopefully bump up coverage
2025-06-19 12:58:16 +08:00 · 2018-02-14 18:53:18 +00:00
parent 6f177fbf5b
commit 05481f3af3
31 changed files with 876 additions and 546 deletions
--- a/docs/features/authentication.rst
+++ b/docs/features/authentication.rst
@ -135,3 +135,10 @@ Then map the authentication provider key to a ReRoute in your configuration e.g.
                "AllowedScopes": []
            }
        }]
+
+Allowed Scopes
+^^^^^^^^^^^^^
+
+If you add scopes to AllowedScopes Ocelot will get all the user claims (from the token) of the type scope and make sure that the user has all of the scopes in the list.
+
+This is a way to restrict access to a ReRoute on a per scope basis.