Question: How can I use ValidateAntiForgeryToken over anonymous user access?
Answer: When AllowAnonymous attribute exists, all other authorize attributes will be ignored. Therefore, our recommendation would be to remove [AllowAnonymous] to let other authorized attributes work normally.
Content Author: Radu Vaduva
Priyanka Bhotika
Comments