Developing Flexible Authorisation Capabilities in ASP.NET Core

ASP.NET Core Identity supports the essentials for authentication and authorisation across many application types such as web, API, and mobile. With Identity, authorisation is a breeze! Developers can implement authorisation checks using numerous methods including roles, claims, and policies. However, this approach is not without limitations.

.NET

Security

For example, updating authorisation requirements will require code changes, along with the time taken to test and deploy these changes. Checking user or role permissions is also tricky, you'll need to review the code or documentation - and hope the documentation is still up to date! As systems grow, authorisation requirements will grow, and these limitations can slow new development and decrease maintainability.

In this talk, I'll demonstrate an approach using permission-based authorisation to overcome these limitations and improve the flexibility and visibility of access control across your system.

Jason Taylor

Jason Taylor is a Solutions Architect, Software Engineer, Trainer, and Mentor with over 25 years of experience. He specializes in designing, building, and deploying cloud-based solutions with .NET and Azure. Jason works at Particular Software, where he contributes to the Particular Platform, including NServiceBus. As a Microsoft MVP and international speaker, he is passionate about sharing knowledge, mentoring developers, and helping teams build maintainable, reliable, and scalable applications.

NDC { London }

Developing Flexible Authorisation Capabilities in ASP.NET Core

Jason Taylor