DEV Community

Cover image for Attribute-Based Access Control Sample for a .Net Core API Application
Venkatesan Rethinam
Venkatesan Rethinam

Posted on

Attribute-Based Access Control Sample for a .Net Core API Application

#dotnet #authorization #authentication #permissions

GitHub Link: github.com/venbacodes/ABAC-Sample-for-API

This is a simple demo sample on implementing ABAC in a .Net Core API Application. This uses three main aspects of Attributes => ACCESS, SCOPE, and MODULE.

Key Points

  1. Access, Scope, and Module attributes are used
  2. It is possible to extend this sample to accommodate as many attributes as needed
  3. No External libraries were used
  4. Handled all the necessary authn and authz in the handlers itself.
  5. Optional takeaway - added an additional path for restricting resources in PermissionsAuthHandler.cs#L60

To Explore

  1. Clone and run the code
  2. Generate a JWT token with email/sub and exp. Applicable emails can be found in TestUsers.cs
  3. Add the generated JWT token in the swagger authorization menu and call the APIs

Top comments (0)

Read next

mustafakhaleddev profile image

Why Hashed OTP Tokens Are Better Than Storing Them in a Database

Mustafa Khaled -

pvsdev profile image

# What's new in \.NET 9?

Anastasiia Vorobeva -

0x2e73 profile image

Creating a RESTful API with .NET and Clean Architecture: A Complete Guide 🚀

0x2e73 -

sohan26 profile image

How I'm Learning SpiceDB

Sohan -