Allow multiple roles to access controller action

codette picture codette · Mar 31, 2009 · Viewed 183.9k times · Source

Right now I decorate a method like this to allow "members" to access my controller action

[Authorize(Roles="members")]

How do I allow more than one role? For example the following does not work but it shows what I am trying to do (allow "members" and "admin" access):

[Authorize(Roles="members", "admin")] 

Answer

Jim Schmehil picture Jim Schmehil · Oct 1, 2009

Another option is to use a single authorize filter as you posted but remove the inner quotations.

[Authorize(Roles="members,admin")]