Security and Identity - Authorization - Overview

In this article

An administrative user is a person who has been given permission to do something in the library.

Authorization is the process of granting or denying access to a system.

For more information about authentication in ASP.NET Core, see Overview of ASP.NET Core Authentication.

Authorization types

ASP.NET Core authorization provides a simple, declarative role and a rich policy-based model.

Namespaces

Authorization components, including the AuthorizeAttribute and AllowAnonymousAttribute attributes, are found in the Microsoft.AspNetCore.Authorization namespace.

Consult the documentation on simple authorization.

Ref: Introduction to authorization in ASP.NET Core