DEV Community

Cover image for Attribute-Based Access Control Sample for a .Net Core API Application
Venkatesan Rethinam
Venkatesan Rethinam

Posted on

3

Attribute-Based Access Control Sample for a .Net Core API Application

GitHub Link: github.com/venbacodes/ABAC-Sample-for-API

This is a simple demo sample on implementing ABAC in a .Net Core API Application. This uses three main aspects of Attributes => ACCESS, SCOPE, and MODULE.

Key Points

  1. Access, Scope, and Module attributes are used
  2. It is possible to extend this sample to accommodate as many attributes as needed
  3. No External libraries were used
  4. Handled all the necessary authn and authz in the handlers itself.
  5. Optional takeaway - added an additional path for restricting resources in PermissionsAuthHandler.cs#L60

To Explore

  1. Clone and run the code
  2. Generate a JWT token with email/sub and exp. Applicable emails can be found in TestUsers.cs
  3. Add the generated JWT token in the swagger authorization menu and call the APIs

Heroku

This site is built on Heroku

Join the ranks of developers at Salesforce, Airbase, DEV, and more who deploy their mission critical applications on Heroku. Sign up today and launch your first app!

Get Started

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay