For the following scenario:
I have an API with two endpoints. How can I protect them using your solution, and how can I grant one user access to one endpoint only and another user access to the second endpoint?
And what is the purpose of a consent here?
Please bear with me, I might ask stupid questions, but I am trying to understand this concept.
This is a general Authorization/Authentication question.
I will try to explain how you can approach it. If you are using ASP.NET authentication and authorization or another OAuth and OpenID based system, you should use policy or role based authorization to grant users access to different places of your app.
This project provides you with what you need to have an identity system and its complementary information such as roles or claims using Identity Server, an Api and a user environment to manage the data.
The concept of consent is messy at times. Think of a system with 3 independent parts.
We have three elements.
1. The client application
2. The IdentityServer
3. The resource the client app wants to access (your emails, your GitHub commits, your info about apps downloaded from the Apple store ...)
The client identifies you through the IdentityServer, and then the IdentityServer asks you, with a consent screen, what information it has stored you want to share with the client application.
If you control all three elements it is a bit more difficult to understand the first time.
Please note that the consent screen can be disabled.
I hope I explained it well
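
The two-endpoint scenario from the question, as an added example that is not part of the original thread or the project's code: an ASP.NET Core minimal API (.NET 6 or later, with the `Microsoft.AspNetCore.Authentication.JwtBearer` package) where each endpoint sits behind its own policy. The authority URL, audience, routes, policy names, role name and `permission` claim are all assumptions chosen for illustration.

```csharp
using Microsoft.AspNetCore.Authentication.JwtBearer;

var builder = WebApplication.CreateBuilder(args);

// Validate access tokens issued by the identity server.
builder.Services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.Authority = "https://identity.example.com"; // placeholder IdentityServer URL
        options.Audience = "my_api";                        // placeholder API resource name
        // Keep the short JWT claim names ("role", "name") instead of the
        // long XML-schema URIs, so the policies below match what is issued.
        options.MapInboundClaims = false;
        options.TokenValidationParameters.RoleClaimType = "role";
        options.TokenValidationParameters.NameClaimType = "name";
    });

builder.Services.AddAuthorization(options =>
{
    // Role based: only users holding the (hypothetical) "orders-reader" role.
    options.AddPolicy("CanReadOrders", policy =>
        policy.RequireAuthenticatedUser().RequireRole("orders-reader"));

    // Claim based: only users whose token carries permission=invoices.read.
    options.AddPolicy("CanReadInvoices", policy =>
        policy.RequireAuthenticatedUser().RequireClaim("permission", "invoices.read"));

    // Deny by default: an endpoint added later without an explicit policy
    // still requires a valid token instead of being anonymous.
    options.FallbackPolicy = options.DefaultPolicy;
});

var app = builder.Build();

app.UseAuthentication(); // must run before UseAuthorization
app.UseAuthorization();

// User A (role orders-reader) gets 200 here and 403 on /invoices.
app.MapGet("/orders", () => Results.Ok(new[] { "order-1", "order-2" }))
   .RequireAuthorization("CanReadOrders");

// User B (permission=invoices.read) gets 200 here and 403 on /orders.
app.MapGet("/invoices", () => Results.Ok(new[] { "invoice-1" }))
   .RequireAuthorization("CanReadInvoices");

app.Run();
```

A request with no token or an invalid one receives 401 on both routes; a valid token that lacks the required role or claim receives 403. The roles and claims themselves are assigned to users on the identity server side and have to be included in the access token for the API to see them.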