How to access Roles programmatically for Role-Based authorization in ASP.NET

You can programmatically add new roles, read role information, and delete roles from your application. In addition, you can associate users with roles as well as get users associated with a specific role. You can do all this by calling methods of the Roles class.

Most of the properties included in the Roles class just map to the settings for the <roleManager> tag described in the article How to configure roles providers for Role-Based Authorization in ASP.NET. The next table lists the additional properties and the Roles class’s methods that you can use for managing and accessing the roles API programmatically.





ProviderReturns the provider currently used by your application.

Returns a collection of all the available providers on the system and for your application configured in machine.config and in web.config of your application.


Accepts a user name and a role name as a string parameter and adds the specified user to the specified role.


Accepts a user name as a string parameter and role names as an array of strings and adds the specified user to all the roles specified in the role names parameter.


Accepts a string array with user names and a string parameter that specifies a role name and adds all the specified users to the role specified in the second parameter.


Accepts a string array with user names and a second one with role names and adds all the users in the user names parameter to all the roles in the role names parameter.

CreateRoleCreates a new role.
DeleteRoleDeletes an existing role.

Accepts a string representing the role name and a second string specifying a pattern for user names to match. The method returns a list of users that are associated with the role, and matches the pattern of the second parameter of the method (usernameToMatch).


Returns a string array containing all the role names of the roles available in the role store of the configured provider.


Returns a string array containing all the roles the specified user is associated with. There is also a version that doesn’t take any parameters, which gets the roles of the currently logged on user.

GetUsersInRoleReturns a list of users who are associated with the role passed in as a parameter.
IsUserInRoleReturns true if the specified user is a member of the specified role.
RemoveUserFromRoleRemoves a single user from the specified role.
RemoveUserFromRolesRemoves the specified user from all roles specified.
RemoveUsersFromRoleRemoves all the specified users from a single role.
RemoveUsersFromRolesRemoves all the specified users from all the specified roles.
RoleExistsReturns true if a role exists and otherwise false.