Skip to content

Multiple values for single key in RouteClaimsRequirement #746

New issue
New issue
Closed as not planned
Closed as not planned
Multiple values for single key in RouteClaimsRequirement#746
Labels
AuthorizationOcelot feature: AuthorizationConfigurationOcelot feature: ConfigurationWinter'26Winter 2026 releasefeatureA new feature
Milestone
Winter'26
@Stians92

Description

@Stians92
Stians92
opened on Jan 14, 2019

New Feature

Allow claims to have an array value and not just a string value.

Motivation for New Feature

I have an application where I have multiple roles for my users. For endpoints that should only be reached by admins, I can use the following:

"RouteClaimsRequirement": {
	"Role": "Admin"
}

For endpoints that should only be reached by users, I can use the following:

"RouteClaimsRequirement": {
	"Role": "User"
}

For endpoints that should be reached by both users and admins I would like to use the following:

"RouteClaimsRequirement": {
	"Role": ["User", "Admin"]
}

When I tried adding this, all requests to the endpoint respond with a 404.

This should let the request go through if the request has a claim for the role user or admin. This is equivalent to the built-in asp .net core attribute:
[Authorize(Roles = "User, Admin")]

https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.authorization.authorizeattribute.roles?view=aspnetcore-2.2

Metadata

Metadata

Assignees

No one assigned

    Labels

    AuthorizationOcelot feature: AuthorizationConfigurationOcelot feature: ConfigurationWinter'26Winter 2026 releasefeatureA new feature

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions