.NET Core Update Permissions with Azure AD and Local DB

I have a .NET Core WebApp which logs the user in via Azure AD. As soon as the user is logged in, I grab the email address and check in my application database which Role the user has.

Now the question is: Since the user can be locked (Db IsBlocked boolean field), I need to be able to update the user’s permissions. Because the user remains logged in all the time (single-sign-on), do I need to check the user’s permissions on each request? Meaning: On each request I query the DB for the permissions and update these accordingly?

My concern is that this will result in a lot of requests to the DB, no?
And also, can you update Claims?
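
One way to handle the per-request check asked about above, as an added example that is not part of the original post: an ASP.NET Core `IClaimsTransformation` that rebuilds the role claim from the application database on each authenticated request, with a short `IMemoryCache` entry to bound DB load. `AppUser`, `IAppUserStore`, `DbRoleClaimsTransformation`, the 60-second window and the claim types used to find the email are assumptions for illustration.

```csharp
using System;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Caching.Memory;

// Hypothetical row shape; Role and IsBlocked are the fields named in the question.
public record AppUser(string Role, bool IsBlocked);

// Hypothetical data-access abstraction over the application database.
public interface IAppUserStore { Task<AppUser?> FindByEmailAsync(string email); }

// Register with: services.AddMemoryCache();
//                services.AddScoped<IClaimsTransformation, DbRoleClaimsTransformation>();
public sealed class DbRoleClaimsTransformation : IClaimsTransformation
{
    // Assumed revocation window: a block takes effect within this time, at one DB read per user per window.
    private static readonly TimeSpan CacheTtl = TimeSpan.FromSeconds(60);
    private readonly IAppUserStore _store;
    private readonly IMemoryCache _cache;

    public DbRoleClaimsTransformation(IAppUserStore store, IMemoryCache cache)
    {
        _store = store;
        _cache = cache;
    }

    public async Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
    {
        if (principal.Identity?.IsAuthenticated != true) return principal;

        // Assumption: which claim carries the email depends on the Azure AD token configuration.
        var email = principal.FindFirst(ClaimTypes.Email)?.Value
                    ?? principal.FindFirst("preferred_username")?.Value;
        if (string.IsNullOrEmpty(email)) return principal;

        var user = await _cache.GetOrCreateAsync("appuser:" + email.ToLowerInvariant(), entry =>
        {
            entry.AbsoluteExpirationRelativeToNow = CacheTtl;
            return _store.FindByEmailAsync(email);
        });

        // Fail closed: unknown or blocked users get no role; skip if this call already added it.
        if (user is null || user.IsBlocked || principal.IsInRole(user.Role)) return principal;

        // The role lives in a separate identity built per request, never in the sign-in cookie.
        principal.AddIdentity(new ClaimsIdentity(new[] { new Claim(ClaimTypes.Role, user.Role) }));
        return principal;
    }
}
```

This only revokes access if the role claim is not also written into the sign-in cookie at login and if protected endpoints require a role (for example `[Authorize(Roles = "...")]`), since a blocked user is still authenticated by Azure AD. To make a block immediate rather than bounded by the cache window, remove the user's cache entry in the code path that sets `IsBlocked`.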
