Auth0 Roles/Claims not being exposed to AuthorizeView #10
Comments
|
Hi, I have to apologize as I forgot to write the proper docs. Short explanation: The library is prefixing the permissions keys with "permission:" to avoid potential collisions. Verbose Explanation: Currently I'm experimenting by prefixing the permissions claims with a "permissions:" tag when setting the polices, ie: services.AddAuthorization(options => {
options.AddPolicy("[POLICY_NAME]", policy => policy.RequireClaim("permission:[permission_name]"));
});In other words, for the "read:weather_forecast" permission name you'll need to say policy.RequireClaim("permission:read:weather_forecast"));If it is still confusing, then you can look here to find an example of claims utilization with server side Balzor's built-in authorization mechanisim. Final Note: Looks like Auth0 is not including the role names when using its RBAC system, so currently The only method that I have managed to make work is via permission claims. Please let me know if this helped, or if otherwise you're in need of further clarification. Thanks. |
|
@Pegazux thanks so much for the quick response! Again, you're a rock star! That fixed the issue and we're good to go again. |
This may or may not be something you are working on, but we're attempting to use Blazor's built in Authorization and Authentication with your Auth0 components.
The API is setup correctly and the user has the custom claims, but when trying to see if a user is in a specific role it always acts as if they are not.
Any suggestions on how to fix this or is it even possible?
The text was updated successfully, but these errors were encountered: