I have the following: [Authorize(Roles = admin)] I am setting it for every action

Question

0

Asked: May 26, 20262026-05-26T15:55:51+00:00 2026-05-26T15:55:51+00:00

I have the following: [Authorize(Roles = admin)] I am setting it for every action

0

I have the following:

[Authorize(Roles = "admin")]

I am setting it for every action on my controller. However is there some way I can do this globally for the controller?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-26T15:55:52+00:00

[Authorize(Roles = "admin")]
public class AdminController : Controller
{
}

The attribute works on controllers too.

You can even create a base controller and set the attribute on it (and therefore get the same authorization on all derived controllers)

[Authorize(Roles = "user")]
public class BaseController : Controller
{
}

public class NewsController : BaseController 
{
}

public class ForumController : BaseController 
{
    [HttpPost, Authorize(Roles="admin")]
    public ActionResult Delete(int id)
    {
    }
}

Update

First question: You can put [HandleError] in your base controller to get MVC’s error handling in all controllers. I’ve just written a blog entry describing it.

Second question: Yes. Put the most specific [Authorize] attribute on the actions. (for instance authorize “users” in the base controller and “admins” on the Edit action).

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have the following: [Authorize(Roles = admin)] I am setting it for every action

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply