How to add a server side check that api is only called by tenant admin

Question

My requirement is to add a check here that this API route/end point is only called by tenant admin.

AppController.cs

        [Route("api/[controller]")]
        [Authorize(Policy = "App.ReadWrite")]
        [ApiController]
        [Produces("application/json")]
        public sealed class AppController : ControllerBase
        {
                [Route("apps/search")]
                [HttpGet]
                public async Task<IActionResult> SearchAppForUserAsync([FromQuery] string searchString, CancellationToken cancellationToken)
                {
                    var user = this.GetUser();
                    var result = await this.appRepository.SearchAppForUserAsync(user, searchString, cancellationToken).ConfigureAwait(false);
                    return this.Ok(result);
                }
    }

Have you tried to check the role of current user from claims? — Fei Han, Dec 16 '20 at 02:40
I do not get any role information in claims. https://i.stack.imgur.com/9RrFg.png — Deepak Kothari, Dec 16 '20 at 13:11
plese see question and answer how to define policy in .net core: [here](https://stackoverflow.com/questions/37577855/creating-a-new-authorizationhandler-iauthorizationrequirement-that-uses-a-servic) — Brachy, Dec 22 '20 at 13:56

How to add a server side check that api is only called by tenant admin

0 Answers0