RequiredScopeAttribute Constructors
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Overloads
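RequiredScopeAttribute() | Default constructor.
RequiredScopeAttribute(String[]) | Verifies that the web API is called with the right scopes. If the token obtained for this API on behalf of the authenticated user does not have any of these acceptedScopes in its scope claim, the method updates the HTTP response providing a status code 403 (Forbidden) and writes to the response body a message telling which scopes are expected in the token.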
RequiredScopeAttribute()
Default constructor.
public RequiredScopeAttribute ();
Public Sub New ()
Examples
[RequiredScope(RequiredScopesConfigurationKey="AzureAD:Scope")]
class Controller : BaseController
{
}
RequiredScopeAttribute(String[])
Verifies that the web API is called with the right scopes.
If the token obtained for this API on behalf of the authenticated user does not have any of these acceptedScopes in its scope claim, the method updates the HTTP response providing a status code 403 (Forbidden) and writes to the response body a message telling which scopes are expected in the token.
public RequiredScopeAttribute (params string[] acceptedScopes);
new Microsoft.Identity.Web.Resource.RequiredScopeAttribute : string[] -> Microsoft.Identity.Web.Resource.RequiredScopeAttribute
Public Sub New (ParamArray acceptedScopes As String())
Parameters
- acceptedScopes (String[]): Scopes accepted by this web API.
Examples
Add the following attribute on the controller/page/action to protect:
[RequiredScope("access_as_user")]
Remarks
When the scopes don't match, the response is a 403 (Forbidden), because the user is authenticated (hence not 401), but not authorized.
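The any-of match and the 401/403 split described above, as an added illustration that is not Microsoft.Identity.Web's own code. The helper names `Evaluate` and `Principal`, the ordinal comparison and the sample scope values are assumptions made for this sketch.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

static class ScopeCheckDemo
{
    // Claim types that carry delegated scopes in Microsoft identity platform tokens.
    static readonly string[] ScopeClaimTypes =
        { "scp", "http://schemas.microsoft.com/identity/claims/scope" };

    // Hypothetical helper: maps a caller and the accepted scopes to an HTTP status.
    static int Evaluate(ClaimsPrincipal user, params string[] acceptedScopes)
    {
        // In a real pipeline the authentication middleware answers this case,
        // not the attribute; it is here only to show the 401/403 distinction.
        if (user.Identity?.IsAuthenticated != true)
            return 401;

        // The scope claim is one space-separated string. Compare whole scope
        // names, never substrings, so "access_as_user_readonly" does not
        // satisfy "access_as_user".
        var granted = user.Claims
            .Where(c => ScopeClaimTypes.Contains(c.Type))
            .SelectMany(c => c.Value.Split(' ', StringSplitOptions.RemoveEmptyEntries))
            .ToHashSet(StringComparer.Ordinal);

        // Any one accepted scope is enough; otherwise authenticated but not authorized.
        return acceptedScopes.Any(granted.Contains) ? 200 : 403;
    }

    // Builds an authenticated principal with a constructed "scp" claim value.
    static ClaimsPrincipal Principal(string scp) =>
        new ClaimsPrincipal(new ClaimsIdentity(
            new[] { new Claim("scp", scp) }, authenticationType: "Bearer"));

    static void Main()
    {
        var anonymous = new ClaimsPrincipal(new ClaimsIdentity());
        Console.WriteLine(Evaluate(Principal("access_as_user profile"), "access_as_user"));
        Console.WriteLine(Evaluate(Principal("profile"), "access_as_user", "profile"));
        Console.WriteLine(Evaluate(Principal("access_as_user_readonly"), "access_as_user"));
        Console.WriteLine(Evaluate(Principal(""), "access_as_user"));
        Console.WriteLine(Evaluate(anonymous, "access_as_user"));
    }
}
```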
See also
- RequiredScopeAttribute()