I am developing ASP.NET Web API application with Identity 2.0 Bearer authentication. I have configured bearer authentication and implemented SignIn method, so that when I pass header:
Authorization: Bearer uGjAWZA1nPc1AqPuKpAzPhb989SYbtGd...
It works normally. I can call User.Identity.GetUserId()
or User.Identity.GetUserName()
. I even can check if user is in some role or not, and it also works good.
What is doesn't work, is [Authorize]
attribute. When I specify roles, like that [Authorize(Roles = "Admin")]
it returns:
{
Message: "Authorization has been denied for this request."
}
Any thoughts?
您在创建身份时添加了角色声明吗?
userIdentity.AddClaim(new Claim(ClaimTypes.Role, "Admin"));
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.