❔ Authorization convention for requests other than get I want to require authorization for all endpoints that accept request types other than get. By looking through the source code, I've only found AuthorizeFilter. Should I be conditionally adding filters based on the existent filters? but IAuthorizeData is not a metadata filter, so it won't even be in that list. Should I make a custom X (I can't find the type that has to do with policy requirement extraction)?

help

Root Question Message

AntonC11/26/2022

❔ Authorization convention for requests other than get

I want to require authorization for all endpoints that accept request types other than get. By looking through the source code, I've only found AuthorizeFilter. Should I be conditionally adding filters based on the existent filters? but IAuthorizeData is not a metadata filter, so it won't even be in that list. Should I make a custom X (I can't find the type that has to do with policy requirement extraction)?

Contact Frequently Asked Questions Join The Discord Bugs & Feature Requests Terms & Privacy