mirror of
https://github.com/nsnail/Ocelot.git
synced 2025-11-04 10:35:28 +08:00
Feature/docs (#165)
* initial readthedocs commit * docs moved to sphinx / rst / read the docs
This commit is contained in:
Tom Pallister
18
docs/features/authorisation.rst
Normal file
18
docs/features/authorisation.rst
Normal file
@@ -0,0 +1,18 @@
|
||||
Authorisation
|
||||
=============
|
||||
|
||||
Ocelot supports claims based authorisation which is run post authentication. This means if
|
||||
you have a route you want to authorise you can add the following to you ReRoute configuration.
|
||||
|
||||
.. code-block:: json
|
||||
|
||||
"RouteClaimsRequirement": {
|
||||
"UserType": "registered"
|
||||
}
|
||||
|
||||
In this example when the authorisation middleware is called Ocelot will check to see
|
||||
if the user has the claim type UserType and if the value of that claim is registered.
|
||||
If it isn't then the user will not be authorised and the response will be 403 forbidden.
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user