Execute - Authentication/Authorization
You can use the
[ActionAuth]-Attribute to control the permission of a user to execute a specific action.
[ActionAuth]-Attribute can be used on the action handler class or a single action
- Without attributes: Authentication required
- Policies: A comma separated string of policy-names. All policies have to succeed. Check out Policies for more details
- Function name: You can optionally pass the name of a function in the class that has to return a boolean. The function will get executed to check if the user is allowed for the action.
The usage equals the usage of the
[QueryAuth]-Attribute. Check out the Documentation for Query