How to use IsInRole method to check authorization in ASP.NET in C#

You can use IsInRole() method to evaluate whether a user is a member of a group.   This method accepts the role name as a string name and returns true if the user is a member of that role.

You can use the next code to check if the current user is a member of the Supplier role:

if (User.IsInRole(“Supplier”))

{

// Do nothing, the page should be accessed as normal because the

// user has administrator privileges.

}

else

{

// Don’t allow this page. Instead, redirect to the home page.

Response.Redirect(“Default.aspx”);

}

When you are using Windows authentication, you need to use the format DomainName\GroupName or ComputerName\GroupName.

if (User.IsInRole(@”THEDOMAIN\ Supplier”))

{ … }

This approach works for custom groups you’ve created but not for built-in groups that are defined by the operating system. If you want to check whether a user is a member of one of the built-in groups, you use this syntax:

if (User.IsInRole(@”BUILTIN\Administrators”))

{ … }