// the find
JonPSmith/AuthPermissions.AspNetCore
This library provides extra authorization and multi-tenant features to an ASP.NET Core application.
AuthPermissions.AspNetCore adds a permission-based authorization layer on top of ASP.NET Core's built-in roles, plus multi-tenant support with both single-level and hierarchical tenants, and a JWT refresh token implementation. It targets SaaS apps where you want runtime role changes without redeployment. The author maintains it actively and tracks .NET releases version-for-version.
The permission-packing approach (storing permissions as a packed string in claims) means no database hit per request after login — authorization checks are pure in-memory. The sharding support is genuinely thought through: separate `IDatabaseSpecificMethods` per provider (SQL Server, Postgres, SQLite) rather than one leaky abstraction. The admin sync services that reconcile your identity provider users with AuthP's users solve a real gap that ASP.NET Identity leaves entirely to you. Working example apps (Razor Pages, JWT, Azure AD, multi-tenant) are included and runnable, not just stubs.
The custom NuGet packaging workflow using a third-party `MultiProjPack` tool is friction you have to accept forever — contributors can't just `dotnet pack`. The JWT refresh token implementation is rolled by hand rather than using a standard library, which means you're trusting this maintainer's crypto decisions in addition to Microsoft's. Hierarchical multi-tenant data isolation relies on a string data-key prefix pattern that requires discipline everywhere you write queries; there's no compile-time enforcement, so a missed filter leaks cross-tenant data silently. Documentation lives entirely in the GitHub wiki, which means no offline access and no versioning alongside code.