current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
stack overflow careers
Sign up ×
Stack Overflow is a community of 4.7 million programmers, just like you, helping each other. Join them, it only takes a minute:
up vote 1 down vote favorite
1

I have an ASP.Net MVC app based on the default Visual Studio template, using individual user accounts over asp.net identity. After logging in, the calls to the MVC Controllers show the user as being authenticated, and I can cast to SecurityIdentity to check for claims.

However, when I make a call to a Web API controller in the same project, the Request shows up as NOT authenticated. How can I use the authentication information from my mvc logon and pass that to the Web API controllers, so that those requests also show up as Authenticated on the server.

share|improve this question

1 Answer 1

up vote 0 down vote

You need to add the Authorize[Roles="Role1, Role2"] attribute on the API actions just like with non API controllers.

If you need to access the claims however, the UserManager is accessed with:

HttpContext.Current.GetOwinContext().GetUserManager()

and a reference to Microsoft.AspNet.Identity.Owin is required.

share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.