ScopesRequiredHttpContextExtensions Class

Reference

Definition

Namespace:: Microsoft.Identity.Web.Resource

Assembly:: Microsoft.Identity.Web.dll

Package:: Microsoft.Identity.Web v2.18.1

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Extension class providing the extension methods for HttpContent that can be used in web APIs to validate scopes in controller actions. We recommend using instead the RequiredScope Attribute on the controller, the page or the action. See https://aka.ms/ms-id-web/required-scope-attribute.

public static class ScopesRequiredHttpContextExtensions

type ScopesRequiredHttpContextExtensions = class

Public Module ScopesRequiredHttpContextExtensions

Inheritance: Object
ScopesRequiredHttpContextExtensions

Methods

VerifyUserHasAnyAcceptedScope(HttpContext, String[])

When applied to an HttpContext, verifies that the user authenticated in the web API has any of the accepted scopes. If there is no authenticated user, the response is a 401 (Unauthenticated). If the authenticated user does not have any of these acceptedScopes, the method updates the HTTP response providing a status code 403 (Forbidden) and writes to the response body a message telling which scopes are expected in the token. We recommend using instead the RequiredScope Attribute on the controller, the page or the action. See https://aka.ms/ms-id-web/required-scope-attribute.

Applies to

Share via

ScopesRequiredHttpContextExtensions Class

Definition

Methods

Applies to

Feedback

Zusätzliche Ressourcen