You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
** Problem: I am trying to create an API endpoint without requiring permissions to access. I created a controller with a method that does not have the MustHavePermission attribute, but it still requires access token when sending API request.
** Proposed Solution: If a method does not have MustHavePermission attribute, the method should be available for public access without access token
The text was updated successfully, but these errors were encountered:
________________________________
From: Tony Wang ***@***.***>
Sent: Saturday, June 17, 2023 6:48:58 PM
To: fullstackhero/dotnet-webapi-boilerplate ***@***.***>
Cc: Subscribed ***@***.***>
Subject: [fullstackhero/dotnet-webapi-boilerplate] Possible to bypass Permission requirements for accessing an API endpoint? (Issue #867)
[CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe]
** Problem: I am trying to create an API endpoint without requiring permissions to access. I created a controller with a method that does not have the MustHavePermission attribute, but it still requires access token when sending API request.
** Proposed Solution: If a method does not have MustHavePermission attribute, the method should be available for public access without access token
—
Reply to this email directly, view it on GitHub<https://protect-us.mimecast.com/s/DGGZCW6lyNtZNqns6PMYC?domain=github.com>, or unsubscribe<https://protect-us.mimecast.com/s/OI-CCXD0zOijkKLFVKMd0?domain=github.com>.
You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>
** Problem: I am trying to create an API endpoint without requiring permissions to access. I created a controller with a method that does not have the
MustHavePermission
attribute, but it still requires access token when sending API request.** Proposed Solution: If a method does not have
MustHavePermission
attribute, the method should be available for public access without access tokenThe text was updated successfully, but these errors were encountered: