How to programmatically determine if a user is authorized in an IIS Website

A customer had a unique need of verifying authorized users against a website that runs on IIS. The code is short and simple if you know what component and method(s) to invoke.


using System;

using System.Collections.Generic;

using System.Linq;

using System.Text;

using System.Threading.Tasks;

using Microsoft.Web.Management.Server;

namespace ConsoleApp1


    class Program


        static void Main(string[] args)


            string message = null;

            string isUserFound = "No";

            string sprovider = null;

            string userName = "john.doe";

            ManagementAuthorizationInfoCollection authorizedCollection = ManagementAuthorization.GetAuthorizedUsers("Default Web Site", true, 0, 10);

            sprovider = "Provider: " + ManagementAuthorization.Provider;

            Console.WriteLine("{0}", sprovider);

            // Search the returned collection.

            foreach (ManagementAuthorizationInfo authorizedInfo in authorizedCollection)


                // Check to see if the user is already in the allowed users collection.               

                if (userName.Equals(authorizedInfo.Name))


                    isUserFound = "yes";



            Console.WriteLine("Does John.doe exist? {0}",isUserFound);

            Console.WriteLine("done calling Microsoft.Web.Management.dll. Hit any key");