ASP.NET
Rasul, 2021-06-13 02:00:07

Identity Server, how to organize authorization?

Hello! We are going to use Identity Server 4 (IS4) for our applications. IS4 will store only general information about the user: organization, department, etc. There are authorization rules or roles specific to a particular application. As I understand it, these rules must be implemented on the application side. Let's say the rule is to give access to a resource only to a specific user, and it is possible to change this rule dynamically. That is, rules and roles should be stored in the database. So at the user's first authorization I have to save them in the application database and then assign rules and roles? How do I do it right, and is it right to do it?


1 answer(s)
Ilya, 2021-06-14
@sarapinit

The identity server has a UserEndpoint that can return any user information you configure. It can be roles, or it can be some additional structures.
Then you just set up ASP.NET authorization by roles or by claims.
If you want changes to be applied immediately, use a reference_token, maybe with a little caching.
If you are ready to wait, then use a short-lived JWT.
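
An added example, not part of the answer above: the API side of the reference-token option with short caching and claim/role policies, using the `IdentityModel.AspNetCore.OAuth2Introspection` package. It assumes the IS4 client is configured with `AccessTokenType.Reference`; the authority URL, API name, secret placeholder, policy names and the `department` and `orders.admin` values are hypothetical.

```csharp
using System;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddControllers();
        services.AddDistributedMemoryCache(); // backing store for the introspection cache

        services.AddAuthentication("introspection")
            .AddOAuth2Introspection("introspection", o =>
            {
                o.Authority = "https://is4.example.test";    // placeholder IS4 URL
                o.ClientId = "orders_api";                    // assumed API resource name
                o.ClientSecret = "<api-secret-from-config>";  // placeholder, load from configuration
                o.RoleClaimType = "role";
                // Short cache: a token revoked at IS4 stops being accepted
                // here at most CacheDuration later.
                o.EnableCaching = true;
                o.CacheDuration = TimeSpan.FromSeconds(30);
            });

        services.AddAuthorization(o =>
        {
            // Hypothetical policies built on claims and roles carried by the token.
            o.AddPolicy("FinanceOnly", p => p.RequireClaim("department", "finance"));
            o.AddPolicy("OrdersAdmin", p => p.RequireRole("orders.admin"));
        });
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseRouting();
        app.UseAuthentication();
        app.UseAuthorization();
        app.UseEndpoints(e => e.MapControllers());
    }
}

[ApiController]
[Route("reports")]
public class ReportsController : ControllerBase
{
    [HttpGet]
    [Authorize(Policy = "FinanceOnly")] // 403 unless the token carries department=finance
    public IActionResult Get() => Ok("finance report");
}
```

With the short-lived JWT option the policies stay the same; only the authentication handler changes, and a change takes effect when the current token expires.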
