Base solution for your next web application
Open Closed

NON-AUTHORIZED API #9297


User avatar
0
alfar_re created

Hi,

Is it possible to have an endpoint generated from the app services that does not require authentication?

The use case is that there is a webhook we register for using a callback url and there is no way of configuring it to post with headers or anything to authenticate. What will happen is we will check the IP that's posting.


4 Answer(s)
  • User Avatar
    0
    gterdem created
    Support Team

    Hello,

    Did you try adding [AbpAllowAnonymous] attribute to your controller or related method? More info can be found here.

  • User Avatar
    0
    alfar_re created

    Hello @gterdem,

    I've tried that but since the said method accesses other methods within other application services I get the error Abp.Authorization.AbpAuthorizationException: Current user did not login to the application!

    What am trying to do is to push some processing to hangfire to run in the background. I don't know how to give hangfire authorization to run jobs in the background.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @alfar_re

    Using one app service from another is a bad practice and causes problems like you had. I suggest you to create a domain service for the common code shared between two app services and use this domain service from both app services. In that case, [AbpAllowAnonymous] will work.

  • User Avatar
    0
    alfar_re created

    Hi @ismcagdas,

    I agree. I'm now creating my domain service to handle this. I'm sure this will work well now.

    Many thanks.