I needed a way to apply a custom filter to a single action and didnt want to build authorization policys as the filters were temporary.
Ideally the examples below should rather validate a JSON Web Token (JWT), its not best practice to pass the client key and secret with each request but rather exchange these using the OAuth2 Client Credentials Flow.
Creating a filter
- Create the filter using IActionFilter or IAsyncActionFilter.
- Register the filter
- Apply the filter
- Now all PATCH requests to
/credentials/upsertwill need to include header values that match the injected options for: