Policy Provider
You can add automatic policy registration via ProtectedResourcePolicyProvider
based on a simple convention. It means that you don't need to register policies manually.
The expected policy format is: <resource>#<scope1>,<scope2>
, e.g: my-workspace#workspaces:read,workspaces:delete
.
Usage
The example below demonstrates how to automatically register policies based on policy name:
csharp
var builder = WebApplication.CreateBuilder(args);
var services = builder.Services;
var configuration = builder.Configuration;
services
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddKeycloakWebApi(context.Configuration);
services
.AddAuthorization()
.AddKeycloakAuthorization();
services.AddAuthorizationServer(options => {
configuration.BindKeycloakOptions(options);
options.UseProtectedResourcePolicyProvider = true;
});
var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapGet("/", () => "Hello World!")
.RequireAuthorization("my-workspace#workspaces:read");
app.Run();
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26