Attribute-Based Access Control Sample for a .Net Core API Application

GitHub Link: github.com/venbacodes/ABAC-Sample-for-API

This is a simple demo sample on implementing ABAC in a .Net Core API Application. This uses three main aspects of Attributes => ACCESS, SCOPE, and MODULE.

Key Points
1. Access, Scope, and Module attributes are used
2. It is possible to extend this sample to accommodate as many attributes as needed
3. No External libraries were used
4. Handled all the necessary authn and authz in the handlers itself.
5. Optional takeaway — added an additional path for restricting resources in [PermissionsAuthHandler.cs#L60](https://github.com/venbacodes/ABAC-Sample-for-API/blob/main/Authorization/PermissionsAuthHandler.cs#L60)

To Explore
1. Clone and run the code
2. Generate a JWT token with email/sub and exp. Applicable emails can be found in [TestUsers.cs](https://github.com/venbacodes/ABAC-Sample-for-API/blob/main/Model/TestUsers.cs)
3. Add the generated JWT token in the swagger authorization menu and call the APIs

--

--

--

Web Architect .Net Core, API, Azure, Serverless, Product Design & Delivery, Agile, C#, MVC, SQL DB, Cosmos DB, DevOps, Azure Log Analytics and Workspaces (KQL)

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Tips to aid you in preparing for Java-based interviews

The Path to Great Relationships Part #2. DevOps Engineer and Project Manager

Hlo, everyone…

What you forgot when you planned your brand new application

How to Generate and Decode QR Codes in Python

TOTP Hack (Google Authenticator)

Application vs Process vs Thread

A beginner’s guide to Agile implementation

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Venky Writes

Venky Writes

Web Architect .Net Core, API, Azure, Serverless, Product Design & Delivery, Agile, C#, MVC, SQL DB, Cosmos DB, DevOps, Azure Log Analytics and Workspaces (KQL)

More from Medium

CQRS Pattern Implementation

[Dot Net Core](Graphic series )10.The easiest way to verify the feature of Resolved Singleton

Integrate Coveralls with .Net Core to display badge in GitHub README

Introduction to .NET Framework