Documenting role based authentication with Swagger

In ASP.NET you can use the AuthorizeAttribute to limit access to your controller endpoints, like so.

Personally, I like to have these documented as part of my API in swagger, but how is this achieved?
It’s elementary my dear watson. We just create an IOperationFilter

And that is it, you have now auto documented every role required across your API.
The swagger docs will look like the following.

Alexander Steinhauer-Wichmann

Written by

I am a developer, Full-Stack enthusiast, Vue aficionado, Azure ninja, Microservice builder.

More From Medium

More from Alexander Steinhauer-Wichmann

Top on Medium

Ed Yong
Mar 25 · 22 min read


Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade