Possible to bypass Permission requirements for accessing an API endpoint?
rcholic opened this issue · comments
** Problem: I am trying to create an API endpoint without requiring permissions to access. I created a controller with a method that does not have the MustHavePermission
attribute, but it still requires access token when sending API request.
** Proposed Solution: If a method does not have MustHavePermission
attribute, the method should be available for public access without access token
@dsolteszopyn answered it. Decorate your Controller with [AllowAnonymous] attribute! This should work