mirror of
https://github.com/nsnail/Ocelot.git
synced 2025-04-19 23:32:49 +08:00
19 lines
574 B
ReStructuredText
19 lines
574 B
ReStructuredText
Authorisation
|
|
=============
|
|
|
|
Ocelot supports claims based authorisation which is run post authentication. This means if
|
|
you have a route you want to authorise you can add the following to you ReRoute configuration.
|
|
|
|
.. code-block:: json
|
|
|
|
"RouteClaimsRequirement": {
|
|
"UserType": "registered"
|
|
}
|
|
|
|
In this example when the authorisation middleware is called Ocelot will check to see
|
|
if the user has the claim type UserType and if the value of that claim is registered.
|
|
If it isn't then the user will not be authorised and the response will be 403 forbidden.
|
|
|
|
|
|
|