With ASP.NET Core 8.0, now you can secure Swagger UI endpoints by calling MapSwagger().RequireAuthorization.
Consider the following code example.
WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
builder.Services.AddAuthorization();
builder.Services.AddAuthentication("Bearer").AddJwtBearer();
WebApplication app = builder.Build();
app.UseSwagger();
app.UseSwaggerUI();
app.MapSwagger().RequireAuthorization();
app.MapGet("/status", () =>
{
return "ONLINE";
})
.WithName("GetStatus")
.WithOpenApi();
app.Run();
Here, /status endpoint will not require any authorization, but the Swagger endpoints will require authorization.
|
| Swagger: 401 |
Hope this helps.
Happy Coding.
Regards,
Jaliya
No comments:
Post a Comment