Mid From PDF ASP.NET Core ASP.NET Core

Role-based vs policy-based authorization?

✅ Role-based:

[Authorize(Roles = "Admin")]

✅ Policy-based:

services.AddAuthorization(options => {

options.AddPolicy("CanEdit", policy =>

policy.RequireClaim("EditPermission"));

});

Then use:

[Authorize(Policy = "CanEdit")]

Policy-based gives more flexibility (custom requirements, claims, logic).

More from ASP.NET Core Tutorial

All questions for this course
Toolliyo Assistant
Ask about tutorials, ebooks, training, pricing, mentor services, and support. I use public site content only—not admin or internal tools.

care@toolliyo.com

Need callback? Share your details