'[Authorize(Roles="xx") seems no working in asp.net web api

I am working with an ASP.NET web API project (not .NET Core). I want to add [Authorize(Roles="xx") to my controller action. But it seems not working (always 401, Message": "Authorization has been denied for this request.").

I promise the request has an access token and the token has a role claim.

if I remove (Role="xx") then it works. I notice that the role claim is the lower case while "Roles" is the upper case, is that the reason?

Help me, please



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source