Can We use Impersonation for Toke Based Authentication #5005

ni3rk created 6 years ago

Hi,

we can able to Call any api using token generated from portal in postman. How we can restrict User to not call any API using that token, and How we are going to Validate token is send by that user who has created it ?

1 Answer(s)

0

ismcagdas created 6 years ago
Support Team

@Ni3rk if you want to restrict some users from calling specific APIs, you can use Permissions, see <a class="postlink" href="https://aspnetboilerplate.com/Pages/Documents/Zero/Permission-Management">https://aspnetboilerplate.com/Pages/Doc ... Management</a>.

Just define a permission, use it on the service or specific method you want and then assign this permission to a specific user or role you want that user/role to call this API.

Have an answer to this question? Log in and write your answer.