You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
We're investigating the use of Crowd for identity and access management to our own custom .NET web app. Different users and groups will need access to different features and functionality in this app.
I haven't been able to find documentation on how authorization is managed via Crowd; only authentication. Is it possible to use the Crowd interfaces to manage authorization to specific features for a custom application?
You can, but most of the work needs to be done in your application.
The way I think of it is that Crowd provides a user directory - that does authorisation and some information about the user's account. Most importantly, it tells you what groups they are in. Then your application needs to implement something that checks the groups before letting the user do things...
We have written a .Net Library which wraps most of the functionality exposed by the Crowd REST API which is currently users by an ASP.NET MVC application with 20k plus users from Crowd.
it's currently in a private BitBucket repo but happy to share if you are interested.
Let me know
If you're still interested, I've just published our .NET library to NuGet. Searching for Crowd.NET in the Package Manager or run the following command on in the console: Install-Package Crowd.NET More information is available on NuGet (https://www.nuget.org/packages/Crowd.NET/) and the source code is available on BitBucket ([https://bitbucket.org/ianperrin/crowd.net]). Any contributions to the source are more than welcome (smile)!