C
C#•7mo ago
Arch Leaders

Restrict register endpoint using ASP.NET Core Identity

I'm using ASP.NET Core Identity as my authentication flow in a simple Web API. However, because the register/login/etc endpoints are automatically created, I can't restrict any of the endpoints like I usually would. Is there a way to configure the default requirements (claims) for any one of the auto-generated endpoints? For example, I don't want /register to be public, I would like it to require an Admin claim. Is this possible?
6 Replies
Arch Leaders
Arch LeadersOP•7mo ago
I can restrict all of them using this, however this also restricts /login which doesn't work for obvious reasons.
app.MapIdentityApi<User>()
.RequireAuthorization(x => x.RequireClaim("Admin"));
app.MapIdentityApi<User>()
.RequireAuthorization(x => x.RequireClaim("Admin"));
Found an SO post that suggested just copying the extension class from MS and making my changes. I'm open to a cleaner solution though.
Joschi
Joschi•7mo ago
I believe you could write a policy and conditionally apply the requirements based on the requested route in the AuthorizationHandler
tera
tera•7mo ago
you could write a middleware but anyway that register endpoint is really meant to be used by the user creating their account, not an admin so you should rather just copy and edit it to suit your needs whole MapIdentityApi is not much code well ok 500ish lines 😂 but its not complicated stuff
tera
tera•7mo ago
GitHub
aspnetcore/src/Identity/Core/src/IdentityApiEndpointRouteBuilderExt...
ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux. - dotnet/aspnetcore
tera
tera•7mo ago
i feel like this is just meant as a starting point.. it's not gonna fit everyones needs you likely don't need everything that it includes actually nvm about this point, seems fine either way
Arch Leaders
Arch LeadersOP•7mo ago
Hm, I'll look into it. Thanks!

Did you find this page helpful?