RequiredScopeAttribute Constructors

Definition

Overloads

RequiredScopeAttribute()

Default constructor.

RequiredScopeAttribute(String[])

Verifies that the web API is called with the right scopes. If the token obtained for this API is on behalf of the authenticated user does not have any of these acceptedScopes in its scope claim, the method updates the HTTP response providing a status code 403 (Forbidden) and writes to the response body a message telling which scopes are expected in the token.

RequiredScopeAttribute()

Default constructor.

public RequiredScopeAttribute ();
Public Sub New ()

Examples

[RequiredScope(RequiredScopesConfigurationKey="AzureAD:Scope")]
class Controller : BaseController
{
}

Applies to

RequiredScopeAttribute(String[])

Verifies that the web API is called with the right scopes. If the token obtained for this API is on behalf of the authenticated user does not have any of these acceptedScopes in its scope claim, the method updates the HTTP response providing a status code 403 (Forbidden) and writes to the response body a message telling which scopes are expected in the token.

public RequiredScopeAttribute (params string[] acceptedScopes);
new Microsoft.Identity.Web.Resource.RequiredScopeAttribute : string[] -> Microsoft.Identity.Web.Resource.RequiredScopeAttribute
Public Sub New (ParamArray acceptedScopes As String())

Parameters

acceptedScopes
String[]

Scopes accepted by this web API.

Examples

Add the following attribute on the controller/page/action to protect:

[RequiredScope("access_as_user")]

Remarks

When the scopes don't match, the response is a 403 (Forbidden), because the user is authenticated (hence not 401), but not authorized.

See also

  • <xref:RequiredScopeAttribute()>

Applies to