Authentication

This page gives an overview for authentication options in Centias.

Basic considerations

Authentication is essential for securing your application, complying with regulatory requirements and protecting sensitive data relating to your business, projects or users.

However, implementing authentication is often a long-winded task leading to several changes across your application. Depending on your requirements, you may need login mechanics, registration, user management and so on.

Authentication providers like Microsoft Entra alleviate some of the headaches relating to authentication. But implementing them in .NET may still require considerable effort.

With Centias, we aim to make it as easy as possible to integrate authentication mechanics and secure your application.

Authorization

Authorization in Centias can be enforced with the [Authorize] attribute. The following elements support authorization with this attribute:

• Actions
• Dashboards
• Metrics
• Resources

On resources, you can also use a set of special authorize attributes[AuthorizeCreate], [AuthorizeUpdate] and [AuthorizeDelete] to further control which actions can be performed by users. They can be combined with restrictions by roles or policies.

Protecting Fields

You may want to restrict the visibility of some fields. Especially relationship fields can be affected by this, as they show entities from other resources.

For instance a HasMany field can be restricted to only be visible to users with a specific role. Therefore, the Authorize() method is used to decide when the user is allowed to see the field.

In this example only users with the role 'SalesManager' can view the field.

public override IList<IResourceFieldBuilder> Fields()
{
    return
    [
        HasMany<Product, ProductBundle>.Make("Bundles", nameof(Product.Bundles))
            .Authorize(user => user.IsInRole("SalesManager")),
    ];
}

Authentication variants

We provide two authentication setups out of the box:

• Local Identity For local accounts that can be managed by the organization directly.
• Microsoft Entra For authentication using Microsoft Entra services.

Both setups require the installation of their respective packages through NuGet. See their corresponding documentation pages for more details.