Question

I am building a brand new ASP.NET MVC application with ASP.NET Identity. I am thinking whether to use or a hybrid of role-based and claim-based together.

The reason for hybrid is: use roles to control wider-level access (define groups, e.g. New York User Group, Sydney User Group), and claims to control a more sophisticated level of access (e.g. controller, developer, tester).

So if I want control at the level of Sydney User Group and developer only, I can use both role and claims together.

Does this sound right, or should I just use purely claim based authorization?


Solution

Claims are key/value pairs. For example: Claim type "Email", claim value "brockallen@gmail.com".

Roles are just claims: Claim type "Role", value "Sydney".
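
The point above, as an added example that is not part of the original answer: a role is stored as a claim of type `ClaimTypes.Role`, so a "Sydney group and developer only" rule is two claim checks on the same principal. The claim type `urn:example:job`, the helper names and the sample users are assumptions made for illustration; only `System.Security.Claims` is used.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

static class HybridAuthorizationDemo
{
    // Assumed custom claim type for the finer-grained level (not from the page).
    const string JobClaimType = "urn:example:job";

    // Builds a constructed sample user. A null authenticationType yields an
    // identity that carries claims but is NOT authenticated.
    static ClaimsPrincipal BuildUser(string name, string group, string job, string authType)
    {
        var claims = new[]
        {
            new Claim(ClaimTypes.Name, name),
            new Claim(ClaimTypes.Role, group),   // the "role" is just this claim
            new Claim(JobClaimType, job),
        };
        return new ClaimsPrincipal(new ClaimsIdentity(claims, authType));
    }

    // Fail closed: unauthenticated principals are rejected before any claim is read.
    // IsInRole only looks for a role claim; it does not check IsAuthenticated itself.
    static bool CanAccess(ClaimsPrincipal user, string group, string job)
    {
        if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
            return false;
        return user.IsInRole(group) && user.HasClaim(JobClaimType, job);
    }

    static void Main()
    {
        var sydneyDev  = BuildUser("alice", "Sydney", "developer", "Constructed");
        var sydneyTest = BuildUser("bob", "Sydney", "tester", "Constructed");
        var anonymous  = BuildUser("mallory", "Sydney", "developer", null);

        // The role is visible through the ordinary claims API.
        var roles = sydneyDev.FindAll(ClaimTypes.Role).Select(c => c.Value);
        Console.WriteLine("Role claims: " + string.Join(", ", roles));

        Console.WriteLine("Sydney developer allowed: " + CanAccess(sydneyDev, "Sydney", "developer"));
        Console.WriteLine("Sydney tester allowed:    " + CanAccess(sydneyTest, "Sydney", "developer"));
        Console.WriteLine("Unauthenticated allowed:  " + CanAccess(anonymous, "Sydney", "developer"));
    }
}
```

The third user carries the right claims but has no authentication type, so the explicit `IsAuthenticated` check is what denies it.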

Licensed under: CC-BY-SA with attribution