From the course: Azure Essential Training for Developers
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Role-Based vs Claims-Based Authorization - Azure Tutorial
From the course: Azure Essential Training for Developers
Role-Based vs Claims-Based Authorization
- When planning out your security strategy for your applications, two methods can be used. Role-based authorization or claims-based authorization. Let's take a look at each. In Role-based authorization, applications enforce access by roles. These roles can be used in authorized attributes in your code. Alternatively, claims-based authorization enforces permissions by using information about the user rather than relying on a single role declaration. These pieces of information are called claims, and are passed along as part of a user identity. Claims are more granular, and can be customized to include relevant information that your application needs. Let's say you wanted to authorize a loyalty discount to users that are part of your rewards program. With claims-based authorization, you could create a claim called reward program member ID. Then, you could authorize the discount for the users who have this claim as a…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.