0Pricing
C# Academy · Lesson

Claims-Based Authorization

Authorize based on user claims.

Beyond Roles

Roles are a special case of claims. Claims-based authorization checks any claim - email, department, subscription tier, a permission flag - not just roles.

This gives you finer control without inventing dozens of roles.

// Claims a user might carry:
// department = sales
// subscription = pro
// email_verified = true

Adding Claims to a Token

Issue whatever claims your authorization rules will inspect. The claim is a type/value pair.

var claims = new List<Claim>
{
    new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
    new Claim("department", "sales"),
    new Claim("subscription", "pro"),
    new Claim("email_verified", "true")
};

All lessons in this course

  1. Role-Based Authorization
  2. Claims-Based Authorization
  3. Policy-Based Authorization
  4. Custom Authorization Requirements
← Back to C# Academy