Partilhar via


IdentityApplicationOptions.AllowWebApiToBeAuthorizedByACL Property

Definition

Web APIs called on behalf of a user can validate a token based on scopes (representing delegated permissions). Web APIs called by daemon applications can validate a token based on roles (representing app permissions). By default, the web API will validate the presence of roles and scopes. You can set this property to false to use the ACL-based authorization pattern for the client (daemon) to the web API. If using ACL-based authorization, the implementation will not throw if roles or scopes are not in the Claims. For details see https://aka.ms/ms-identity-web/daemon-ACL.

public bool AllowWebApiToBeAuthorizedByACL { get; set; }
member this.AllowWebApiToBeAuthorizedByACL : bool with get, set
Public Property AllowWebApiToBeAuthorizedByACL As Boolean

Property Value

Applies to