- جائیکه قرار است Roles یا Claims با هم «And» شوند از روش متداول استفاده کنید:
options.AddPolicy("ElevatedRights", policyBuilder => policyBuilder.RequireRole("Administrator", "PowerUser", "BackupAdministrator"));
policyBuilder => policyBuilder .RequireClaim("VIPNumber") .RequireClaim("EmployeeNumber") .RequireRole("CEO"));
services.AddAuthorization(options => { options.AddPolicy( "CanAccessVIPArea", policyBuilder => policyBuilder.RequireAssertion( context => context.User.HasClaim(claim => claim.Type == "VIPNumber" || claim.Type == "EmployeeNumber") || context.User.IsInRole("CEO")) ); });