API end point returning “Authorization has been denied for this request.” when sending bearer token

Question

I\'ve followed a tutorial to protect a Web API with OAuth in C#.

I\'m doing some tests and so far I\'ve been able to get the access token successfully from /token

Answer 1

You have to add a claim with this schema:

http://schemas.microsoft.com/ws/2008/06/identity/claims/role

best thing to do is to use the pre-defined set of claims:

identity.AddClaim(new Claim(ClaimTypes.Role, "User"));

You can find ClaimTypes in System.Security.Claims.

Another thing you have to consider is filter roles in your Controller/Action:

[Authorize(Roles="User")]

You can find a simple sample app, self-hosted owin with a jquery client here.