Indicate how to specify error messaging to the user based on authorization failure

[fiksen99]

It's not clear how to pass specific messaging from the authorization handlers, which has the context on why a request was forbidden, to the authentication's scheme handlers, which formats the response to users when context.Fail has been called.

It looks like something in httpContext.Authentication could provide a way to pass messaging back to the scheme handler (IAuthenticationHandler) but this appears to be a deprecated property and so clarification would be useful.

The rest of the article is detailed and great, I think this final step is missing that would help complete the article

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: b1141d92-adeb-6841-229f-914c808f9a2b
• Version Independent ID: 7089b376-949f-c1c6-c37a-5d8cc7ecf104
• Content: Policy-based authorization in ASP.NET Core
• Content Source: aspnetcore/security/authorization/policies.md
• Product: aspnet-core
• Technology: aspnetcore-security
• GitHub Login: @Rick-Anderson
• Microsoft Alias: riande

[Rick-Anderson]

Moved to Master issue for Policy-based authorization #16191

[Rick-Anderson]

@fiksen99 good question. Hopefully @blowdart can respond to this and other issues on this doc.