New to Okta and trying to figure out how to secure a .NET Core Web API using OIDC and policy-based authorization.
I would like to have each endpoint protected by a policy that checks for the appropriate claims.
For example, a ReadTransactions policy would apply to all users with the read-transactions claim; ManageTransactions would apply to all users with the read-transactions and write-transactions claims.
I am struggling with how to assign a user these claims. I have read through the docs about scopes and claims and have created a “Permissions” scope and have added the claims.
Since different users will have different permissions, how do I associate an individual user with a set of permissions?
Bear in mind that my understanding of how OIDC works could be off (likely is).
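
The API side of the two policies described in the question, as an added example that is not part of the original post. It assumes .NET 6 or later with the Microsoft.AspNetCore.Authentication.JwtBearer package, a hypothetical claim named `permissions` carrying the permission names, and placeholder issuer and audience values.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;

var builder = WebApplication.CreateBuilder(args);

// Placeholder issuer and audience: use the values of your own authorization server.
builder.Services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.Authority = "https://issuer.example.invalid/oauth2/default";
        options.Audience = "api://placeholder";
    });

// Assumption: permissions arrive in a claim named "permissions", either as a JSON array
// (which the JWT handler surfaces as one Claim per element) or as one space-delimited string.
const string PermissionClaim = "permissions";

bool HasAll(ClaimsPrincipal user, params string[] required)
{
    var granted = user.FindAll(PermissionClaim)
        .SelectMany(c => c.Value.Split(' ', StringSplitOptions.RemoveEmptyEntries))
        .ToHashSet(StringComparer.Ordinal);
    return required.All(granted.Contains); // every required permission must be present
}

builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("ReadTransactions", p => p.RequireAuthenticatedUser()
        .RequireAssertion(ctx => HasAll(ctx.User, "read-transactions")));
    options.AddPolicy("ManageTransactions", p => p.RequireAuthenticatedUser()
        .RequireAssertion(ctx => HasAll(ctx.User, "read-transactions", "write-transactions")));
});

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();

// Each endpoint names the policy it requires; a token missing a permission gets 403.
app.MapGet("/transactions", () => Results.Ok(Array.Empty<string>()))
   .RequireAuthorization("ReadTransactions");
app.MapPost("/transactions", () => Results.NoContent())
   .RequireAuthorization("ManageTransactions");
app.Run();
```

The policies only evaluate what the validated token contains; which users receive which permission values is decided where the token is issued.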