AuthorizationHub adds a user interface to your existing ASP.net application, so you can manage users, groups, and roles. More importantly, it allows you to build an organizational tree that can be transformed into claims and used in authorization policies.
The power of AuthorizationHub is that the tenants, groups, and roles a user is related to, become identity claims as the user�s request gets processed inside the ASP.net core pipeline. Those claims are specific to your application and can be used in Authorization Policies. This neatly aligns with the security model in ASP.net core. It means you can change who can perform operations in your application by changing the user�s role and group memberships. There�s no need to make code changes and redeploy web applications.
MS SQL Server, and coming soon SQLite and Postgres.
These options give you the ability to choose a database provider that fits with your existing databases, and the performance profile of your application. We never take your data.
We get it. Your team has better things to do. We made a UI to help you manage users, groups, roles, and tenants. Just pick a route in your own web application, we�ll provide the UI, and stay out of your way.
Managing users, groups, and roles for an application can be a giant time sink, and it should be as easy as possible. AuthorizationHub supports nested groups and allows users to be part of multiple tenants. Even better, changes to users can be scheduled before they need to take effect. That means that application administrators will spend less time doing data entry and do it when they want to.
AuthorizationHub is available as a NuGet package. You can install it using the NuGet Package Console window:
PM> Install-Package AuthorizationHub
After installation, update your Program.cs file.
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthorizationHub(); // Sets up DI and needed authorization policies.
builder.Services.AddSQLServerToAuthorizationHub(); // Configures AuthorizationHub to use SQL Server
var app = builder.Build();
app.UseRouting();
app.UseAuthorization();
app.UseAuthorizationHubUI(); // Adds routes for UI and rest endpoints.
app.Run();
Configuration for AuthorizationHub is made in the App.Config file. Create a configuration section named, "AuthorizationHubOptions".
If you want to use SQL Server, create a database to save the organizational tree data. In the app.config file, add a section matching the one below. Put a valid connection string in the "SqlConnection" property.
"AuthorizationHubOptions": {
"SqlServerConnection": "Server=localhost;Database=AuthorizationHub;User ID=;Password=;MultipleActiveResultSets=true;TrustServerCertificate=True",
"Administrators": [
"b52d1aef-cf08-41dc-8e39-be197be6874c",
"0478bd7d-9ae8-4657-8d58-2b418f00cab7"
],
"LicenseKey": "xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xx"
}
AuthorizationHub administrators are defined in the configuration section. Any user in your identity store can be added to the configuration file. Use the value associated with the "nameIdentifier" claim for the user. Add it to the list of values associated with the "Administrators" property. In the case of using Microsoft's ASP.NET Core Identity features, you can get the "Id" value from the AspNetUsers table.
A license key in required to use AuthorizationHub, so enter it in the "LicenseKey" property.
If your web application has been configured to redirect unauthenticated requests to a login page, AuthorizationHub's rest endpoints will do the same if an unauthenticated user makes a request. If you wish to correct the problem, you can add the following code to your Program.cs file.
builder.Services.ConfigureApplicationCookie(_ =>
{
_.Events.OnRedirectToLogin = context =>
{
var options = new AuthorizationHub.UI.Configuration.Options();
if (context.Request.Path.Value.StartsWith(options.ApiPath))
{
context.Response.Headers["Location"] = context.RedirectUri;
context.Response.StatusCode = 401;
}
return Task.CompletedTask;
};
});
Developers using Microsoft's ASP.NET Core Identity feature can use a SQL script to populate the users in AuthorizationHub.
INSERT INTO AuthorizationHub.dbo.Party (PartyType, DisplayName, [Description], ExternalId, IsRoot)
SELECT 1, NormalizedUserName, NormalizedUserName, Id, 0 FROM AspNetUsers
LEFT JOIN AuthorizationHub.dbo.Party AS Party ON Party.ExternalId = AspNetUsers.Id
WHERE Party.PartyId IS NULL
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MCP spec updated with structured tool output, stronger OAuth 2.1 security, resource indicators, and protocol cleanups for safer, more reliable AI workflows.
Security News
More than half of CISOs now manage 10+ security areas, often with few legal safeguards and short tenures, yet continue to secure budgets and higher pay.
Security News
Libxml2’s solo maintainer drops embargoed security fixes, highlighting the burden on unpaid volunteers who keep critical open source software secure.