Every request journey in a secured web application starts with the authentication process providing the essential information for authorizing the requests. The authorization process has been totally rewritten in ASP.NET Core to support the modern concepts of claim-based authorization based on the concept of policies.
During the session, after analyzing all the pieces that builds up the new authorization framework, we will see how to structure the resource-based authorization and analyze the different opportunities to filter database queries based on the effective permissions of the user.