mirror of
https://github.com/nsnail/Ocelot.git
synced 2025-04-22 13:42:50 +08:00
3ac9b3bd87
* hacked together load balancing reroutes in fileconfig * some renaming and refactoring * more renames * hacked away the old config json * test for issue 213 * renamed key * dont share ports * oops * updated docs * mvoed docs around * port being used
19 lines
592 B
ReStructuredText
19 lines
592 B
ReStructuredText
Authorisation
|
|
=============
|
|
|
|
Ocelot supports claims based authorisation which is run post authentication. This means if
|
|
you have a route you want to authorise you can add the following to you ReRoute configuration.
|
|
|
|
.. code-block:: json
|
|
|
|
"RouteClaimsRequirement": {
|
|
"UserType": "registered"
|
|
}
|
|
|
|
In this example when the authorisation middleware is called Ocelot will check to see
|
|
if the user has the claim type UserType and if the value of that claim is registered.
|
|
If it isn't then the user will not be authorised and the response will be 403 forbidden.
|
|
|
|
|
|
|