mirror of
https://github.com/nsnail/Ocelot.git
synced 2025-04-19 23:32:49 +08:00
b74a1197a2
* breaking upgrade base build image to net5.0 * add make and build tools to image * fix code broken after net5.0 upgrade * fix warnings * fix tests and line endings * upgrade dotnet test and coverages packages * update circle build image * removed rafty and updated more packages * bring back develop * rename authorisation to authorization
16 lines
585 B
ReStructuredText
16 lines
585 B
ReStructuredText
Authorization
|
|
=============
|
|
|
|
Ocelot supports claims based authorization which is run post authentication. This means if you have a route you want to authorize you can add the following to you Route configuration.
|
|
|
|
.. code-block:: json
|
|
|
|
"RouteClaimsRequirement": {
|
|
"UserType": "registered"
|
|
}
|
|
|
|
In this example when the authorization middleware is called Ocelot will check to seeif the user has the claim type UserType and if the value of that claim is registered. If it isn't then the user will not be authorized and the response will be 403 forbidden.
|
|
|
|
|
|
|