Duration : 00:35:44
In this session on flexible authorization with ASP.NET Core, Jason Taylor, a solution architect for Increment, discusses the basics of authentication and authorization. He explains that authentication determines a users identity, while authorization determines which resources a user can access. He demonstrates a basic approach using role-based access control, but points out its limitations in complex systems. He then shows how to extend the ASP.NET Core authorization framework to overcome these limitations. He also provides live demonstrations using a Blazer WebAssembly app. ASP.NET Core authorization supports various types of authorization, such as role-based, claims-based, policy-based, view-based, and resource-based. It also allows for the creation of custom authorization policies and easy customization of the authorization middleware. Examples of simple and sophisticated authorization configurations are provided using attributes in controllers and Razor pages. The concepts discussed in this session apply to Blazer WebAssembly as well.