The description of interaction of Authorize and AllowAnonymous attrbiutes could be improved.

### Description

There's a note:

> If you combine [AllowAnonymous] and an [Authorize] attribute, the [Authorize] attributes are ignored.

This is not completely true, and below you provide an indirect proof:
> Authentication middleware is not short-circuited but doesn't need to succeed.

It's worth explicitly saying, that schemes specified in `AuthenticationSchemes` property of `[Authorize]` attribute will be used for authentication.

### Page URL

https://learn.microsoft.com/en-us/aspnet/core/security/authorization/simple?view=aspnetcore-8.0#use-the-authorize-attribute

### Content source URL

https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/security/authorization/simple.md

### Document ID

cea5942d-fb01-f5bf-3b63-25873d5b79cf

### Article author

@Rick-Anderson

[Related Issues](https://github.com/dotnet/AspNetCore.Docs/issues?q=is%3Aissue+is%3Aopen+cea5942d-fb01-f5bf-3b63-25873d5b79cf)

---
[Associated WorkItem - 329970](https://dev.azure.com/msft-skilling/Content/_workitems/edit/329970)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

The description of interaction of Authorize and AllowAnonymous attrbiutes could be improved. #33866

Description

Page URL

Content source URL

Document ID

Article author

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

The description of interaction of Authorize and AllowAnonymous attrbiutes could be improved. #33866

Description

Description

Page URL

Content source URL

Document ID

Article author

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions