You already know how role-based authorization works in ASP.NET Core.
[Authorize(Roles = "Administrator")] public class AdministrationController : Controller { }
But what if you don't want hardcode roles on the Authorize
attribute or create roles later and specify in which controller and action it has access without touching source code?
DynamicAuthorization helps you authorize users without hardcoding role(s) on the Authorize
attribute with minimum effort. DynamicAuthorization is built at the top
of ASP.NET Core Identity and use identity mechanism for managing roles
and authorizing users.