Auth0 Home Blog Docs

How to get to the email_verified api int AuthO user profile with ASP.NET Core AUthorization Policy

user-profile
authorization-polici

#1

Set up: ASP.NET Core Angular Auth0

So I have created an autorization policy like this:

services.AddAuthorization(options => {
options.AddPolicy("EmailConfirmed", policy =>policy.RequireClaim
("https://webatom.auth0.com/userinfo/email_verified","true")); });

I want to get the email_verified value and if its true then I want to allow the api cals in the MVC Controller

So after this I secure the actions with

[Authorize("EmailConfirmed")]

However I keep on getting a 403 forbidden. Must be something with the required claim type. Has anyone come across such issue?


#2

Have you confirmed that the id_token contains that claim? Also, have you confirmed that the User object actually contains that claim?

Here is a sample Razor page which shows how to dump the claims to the screen for you to inspect… https://github.com/auth0-samples/auth0-aspnetcore-mvc-samples/blob/master/Quickstart/00-Starter-Seed/SampleMvcApp/Views/Account/Claims.cshtml


#3