I want to store user specific claims data in Azure Active Directory to perform claims based authorization inside MVC web application.
Active Directory claim types to define:
Resource claim type
Action claim type
ResourceAction complex claim type
and claim type values I want to store for these are:
Resource - ControllerName
Action - ControllerActionName
ResourceAction - combination of Resource and Action values(hopefully as complex type)
and I want to store ResourceAction values in User/Group/Role AD objects.
Could someone help me on what's the solution for this and relevant resources with examples please.
I wants to avoid storing authorization specific data in database as I would be hitting the database for every request and is not flexible.
Many Thanks,