Skip to content

Authentication and Authorization

Wolverine.HTTP endpoints are just routes within your ASP.Net Core application, and will happily work with all existing ASP.Net Core middleware. Likewise, the built int [AllowAnonymous] and [Authorize] attributes from ASP.Net Core are valid on Wolverine HTTP endpoints.

To require authorization on all endpoints (which is overridden by [AllowAnonymous]), use this syntax:

app.MapWolverineEndpoints(opts =>

or more selectively, the code above is just syntactical sugar for:

/// <summary>
/// Equivalent of calling RequireAuthorization() on all wolverine endpoints
/// </summary>
public void RequireAuthorizeOnAll()
    ConfigureEndpoints(e => e.RequireAuthorization());

snippet source | anchor

Released under the MIT License.