MVC 5 AddToRole requires logout before it works?

Question

I\'m finding that if I add a user to a role in ASP Identity, it doesn\'t take effect until I log out and log back in. Is there something I need to do to refresh a user\'s ro

Answer 1

ASP.NET Identity uses claims to store the roles and uses the claims instead of doing a database query each time it needs to perform authorization. So the roles will not be in the claims until the person has been logged in again. You can read about using claims in ASP.NET Identity here. The articles shows how to add claims during the log-in process. But if you add a role to the current user you can update the claims using the method described in my answer to this QA without forcing the user to log in again. There is a claim for each role assigned to the user. Use ClaimTypes.Role when adding a new role.