Policy Provider

You can add automatic policy registration via ProtectedResourcePolicyProvider based on a simple convention. It means that you don't need to register policies manually.

The expected policy format is: <resource>#<scope1>,<scope2>, e.g: my-workspace#workspaces:read,workspaces:delete.

Usage

The example below demonstrates how to automatically register policies based on policy name:

csharp

var builder = WebApplication.CreateBuilder(args);
var services = builder.Services;
var configuration = builder.Configuration;

services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddKeycloakWebApi(context.Configuration);

services
    .AddAuthorization()
    .AddKeycloakAuthorization();

services.AddAuthorizationServer(options => { 
    configuration.BindKeycloakOptions(options); 
    options.UseProtectedResourcePolicyProvider = true; 
}); 

var app = builder.Build();

app.UseAuthentication(); 
app.UseAuthorization(); 

app.MapGet("/", () => "Hello World!")
    .RequireAuthorization("my-workspace#workspaces:read"); 

app.Run();

Protected Resources ✨

Protected Resource Builder

Use Authorization Client

Admin API Reference

Protection API Reference

Policy Provider

Usage

Protected Resource Builder

Policy Provider ​

Usage ​

Policy Provider

Usage