NON-AUTHORIZED API #9297

alfar_re created 4 years ago

Hi,

Is it possible to have an endpoint generated from the app services that does not require authentication?

The use case is that there is a webhook we register for using a callback url and there is no way of configuring it to post with headers or anything to authenticate. What will happen is we will check the IP that's posting.

4 Answer(s)

0

gterdem created 4 years ago
Support Team

Hello,

Did you try adding [AbpAllowAnonymous] attribute to your controller or related method? More info can be found here.
0

alfar_re created 4 years ago

Hello @gterdem,

I've tried that but since the said method accesses other methods within other application services I get the error Abp.Authorization.AbpAuthorizationException: Current user did not login to the application!

What am trying to do is to push some processing to hangfire to run in the background. I don't know how to give hangfire authorization to run jobs in the background.
0

ismcagdas created 4 years ago
Support Team

Hi @alfar_re

Using one app service from another is a bad practice and causes problems like you had. I suggest you to create a domain service for the common code shared between two app services and use this domain service from both app services. In that case, [AbpAllowAnonymous] will work.
0

alfar_re created 4 years ago

Hi @ismcagdas,

I agree. I'm now creating my domain service to handle this. I'm sure this will work well now.

Many thanks.

Have an answer to this question? Log in and write your answer.