GitHub Link:

This is a simple demo sample on implementing ABAC in a .Net Core API Application. This uses three main aspects of Attributes => ACCESS, SCOPE, and MODULE.

Key Points
1. Access, Scope, and Module attributes are used
2. It is possible to extend this sample to accommodate as many attributes as needed
3. No External libraries were used
4. Handled all the necessary authn and authz in the handlers itself.
5. Optional takeaway — added an additional path for restricting resources in [PermissionsAuthHandler.cs#L60](

To Explore
1. Clone and run the code
2. Generate a JWT token with email/sub and exp. Applicable emails can be found in [TestUsers.cs](
3. Add the generated JWT token in the swagger authorization menu and call the APIs



Identity Server 4 does not provide native impersonation support which I needed for one of my projects. I have implemented one on top of it.

Here is the sample project I did on GitHub.

This is a sample application to show a way to implement impersonation when using Identity Server.

Key Points

  1. Authorization policy has been set up to restrict impersonation to users with specific roles.
  2. Admin users’ email is added as a claim while impersonating so that it can be used while ending the impersonation.
  3. Logic is simple as authenticating with the victim users’ email for impersonation with additional claims to track the impersonation and the impersonating user.



Bold BI is a powerful business intelligence dashboard software that helps you get meaningful insights from your business data and make better decisions.

Bold BI is available both as a SaaS(Bold BI Cloud) and on-premise(Bold BI Embedded).

Bold BI Cloud

We are serving business intelligence Software as a Service using Azure cloud infrastructure…



Venky Writes

Web Architect .Net Core, API, Azure, Serverless, Product Design & Delivery, Agile, C#, MVC, SQL DB, Cosmos DB, DevOps, Azure Log Analytics and Workspaces (KQL)