DEV Community

Cover image for Attribute-Based Access Control Sample for a .Net Core API Application
Venkatesan Rethinam
Venkatesan Rethinam

Posted on

4

Attribute-Based Access Control Sample for a .Net Core API Application

GitHub Link: github.com/venbacodes/ABAC-Sample-for-API

This is a simple demo sample on implementing ABAC in a .Net Core API Application. This uses three main aspects of Attributes => ACCESS, SCOPE, and MODULE.

Key Points

  1. Access, Scope, and Module attributes are used
  2. It is possible to extend this sample to accommodate as many attributes as needed
  3. No External libraries were used
  4. Handled all the necessary authn and authz in the handlers itself.
  5. Optional takeaway - added an additional path for restricting resources in PermissionsAuthHandler.cs#L60

To Explore

  1. Clone and run the code
  2. Generate a JWT token with email/sub and exp. Applicable emails can be found in TestUsers.cs
  3. Add the generated JWT token in the swagger authorization menu and call the APIs

Image of Docusign

🛠️ Bring your solution into Docusign. Reach over 1.6M customers.

Docusign is now extensible. Overcome challenges with disconnected products and inaccessible data by bringing your solutions into Docusign and publishing to 1.6M customers in the App Center.

Learn more

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

👋 Kindness is contagious

Discover a treasure trove of wisdom within this insightful piece, highly respected in the nurturing DEV Community enviroment. Developers, whether novice or expert, are encouraged to participate and add to our shared knowledge basin.

A simple "thank you" can illuminate someone's day. Express your appreciation in the comments section!

On DEV, sharing ideas smoothens our journey and strengthens our community ties. Learn something useful? Offering a quick thanks to the author is deeply appreciated.

Okay