
Copilot AI commented Jan 23, 2026

Code samples violated ASP0025 by using AddAuthorization(options => ...). .NET 7+ recommends AddAuthorizationBuilder().

Changes

  • New 7.x sample: Uses AddAuthorizationBuilder() pattern
  • Preserved 6.x sample: Unchanged for backward compatibility
  • Documentation: Split moniker ranges to reference version-appropriate samples

Example

Before (6.x - triggers ASP0025):

builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("EmployeeOnly", policy => policy.RequireClaim("EmployeeNumber"));
});

After (7.x - compliant):

builder.Services.AddAuthorizationBuilder()
    .AddPolicy("EmployeeOnly", policy => policy.RequireClaim("EmployeeNumber"));

Users viewing docs for .NET 7+ see the recommended pattern; .NET 6 users see the original pattern.

Original prompt

This section details on the original issue you should resolve

<issue_title>Code sample for Claims-based authorization violate ASP0025</issue_title>
<issue_description>### Description

The code samples from https://learn.microsoft.com/en-us/aspnet/core/security/authorization/claims?view=aspnetcore-10.0#adding-claims-checks, namely:

builder.Services.AddAuthorization(options =>
   options.AddPolicy("EmployeeOnly", policy => ...));

violates https://learn.microsoft.com/en-us/aspnet/core/diagnostics/asp0025?view=aspnetcore-10.0 which suggests using this instead:

builder.Services.AddAuthorizationBuilder()
                .AddPolicy("EmployeeOnly", policy => ...);

Page URL

https://learn.microsoft.com/en-us/aspnet/core/security/authorization/claims?view=aspnetcore-10.0

Content source URL

https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/security/authorization/claims.md

Document ID

50736569-fc04-ec6d-7b33-a3e0c860b1ed

Platform Id

53152e93-cef7-e267-13ca-474a7717e614

Article author

@wadepickett

Metadata

  • ID: 25051544-0e4d-1715-95b7-3a8616475127
  • PlatformId: 53152e93-cef7-e267-13ca-474a7717e614
  • Service: aspnet-core
  • Sub-service: security

Related Issues</issue_description>

<agent_instructions>Pay special attention to versioning of samples and documentation. Previous working versions must be maintained. </agent_instructions>

Comments on the Issue (you are @copilot in this section)

@wadepickett
@abatishchev, thanks very much for pointing this issue out and the details for fixing. Greatly appreciated!

@wadepickett
## 🤖 AI Triage Summary

📌 Note to community: This is an automated preliminary analysis to help our documentation team quickly review, determine scope and prioritize this issue. This report is not a resolution and requires human review.


This preliminary assessment report was run by: @wadepickett
Date: 2026-01-23
Issue: 36666
Model: GitHub Copilot


Issue Analysis: Code samples use AddAuthorization instead of recommended AddAuthorizationBuilder

✅ Issue Validation

Status: Valid and actionable

📋 Issue Summary

The code samples in the Claims-based authorization documentation use builder.Services.AddAuthorization(options => ...) pattern which triggers analyzer warning ASP0025. The recommended approach since .NET 7+ is to use AddAuthorizationBuilder() which is more concise and follows current best practices.

📁 Potentially Affected Files

These files have been identified as possibly related to this issue and may need review.

| File | Path | Lines | Section |
|---|---|---|---|
| Code sample | aspnetcore/security/authorization/claims/samples/6.x/WebAll/Program.cs | 10-13 | snippet region - EmployeeOnly policy |
| Code sample | aspnetcore/security/authorization/claims/samples/6.x/WebAll/Program.cs | 41-45 | snippet2 region - Founders policy |

📝 Preliminary Change Assessment

The following are initial observations for the documentation team to evaluate—not final decisions.

Potential Code Sample Updates

[Added corrected instruction here from Wade Pickett]

A new 7.x code sample in its own 7.x folder needs to be created rather than changing the original 6.x sample which must be maintained. - Wade Pickett

File: aspnetcore/security/authorization/claims/samples/6.x/WebAll/Program.cs
Location: Lines 10-13 (snippet region)
Type: Replacement

Current code (lines 10-13):

builder.Services.AddAuthorization(options =>
{
   options.AddPolicy("EmployeeOnly", policy => policy.RequireClaim("EmployeeNumber"));
});

Suggested direction:

builder.Services.AddAuthorizationBuilder()
    .AddPolicy("EmployeeOnly", policy => policy.RequireClaim("EmployeeNumber"));

A new 7.x code sample in its own 7.x folder needs to be created rather than changing the original 6.x sample which must be maintained. - Wade Pickett

File: [aspnetcore/security/authorization/claims/samples/6.x/WebAll/Program.cs](https://github.com/dotnet/AspNetCore.Docs/blob/11b12a998f11ab97e8afef4aadba20e08790...




Internal previews

| 📄 File | 🔗 Preview link |
|---|---|
| aspnetcore/security/authorization/claims.md | Claims-based authorization in ASP.NET Core |
| aspnetcore/security/authorization/claims/samples/7.x/WebAll/wwwroot/lib/jquery-validation/LICENSE.md | aspnetcore/security/authorization/claims/samples/7.x/WebAll/wwwroot/lib/jquery-validation/LICENSE |
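
An added example, not code from this PR or from the docs samples: a minimal .NET 7+ Program.cs that chains two claim policies on AddAuthorizationBuilder() and applies them to endpoints. The cookie scheme, the endpoint routes, and the claim values allowed by the Founders policy are assumptions made for illustration.

```csharp
// Added example (not from the PR). Targets .NET 7 or later, web SDK with implicit usings.
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.Cookies;

var builder = WebApplication.CreateBuilder(args);

// Assumption: cookie authentication. Any scheme that populates User.Claims works.
builder.Services
    .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie();

// AddAuthorizationBuilder() registers the authorization services and returns an
// AuthorizationBuilder, so policies chain without the options lambda that ASP0025 flags.
builder.Services.AddAuthorizationBuilder()
    // Passes when the user holds an EmployeeNumber claim, whatever its value.
    .AddPolicy("EmployeeOnly", policy => policy.RequireClaim("EmployeeNumber"))
    // Passes only when the EmployeeNumber claim has one of the listed values
    // (the values here are constructed for this example).
    .AddPolicy("Founders", policy =>
        policy.RequireClaim("EmployeeNumber", "1", "2", "3", "4", "5"));

var app = builder.Build();

// Authentication must run before authorization so the policies see the user's claims.
app.UseAuthentication();
app.UseAuthorization();

// No policy attached: reachable anonymously.
app.MapGet("/", () => "public");

// Hypothetical routes, each guarded by one of the policies registered above.
app.MapGet("/employees", (ClaimsPrincipal user) =>
        $"Employee {user.FindFirst("EmployeeNumber")?.Value}")
    .RequireAuthorization("EmployeeOnly");

app.MapGet("/founders", () => "founders only")
    .RequireAuthorization("Founders");

app.Run();
```

An anonymous request to a guarded route is challenged by the cookie handler, while a signed-in user who lacks the required claim is forbidden rather than challenged.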

…tion

Co-authored-by: wadepickett <10985336+wadepickett@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Fix claims-based authorization sample to comply with ASP0025" to "Update claims-based authorization samples to use AddAuthorizationBuilder()" Jan 23, 2026
Copilot AI requested a review from wadepickett January 23, 2026 18:34
Updated README to reflect ASP.NET Core 7.0 features and structure.

@wadepickett wadepickett left a comment


Fixed two mistakes copilot made, otherwise looks good now.

@wadepickett wadepickett self-requested a review January 23, 2026 22:02

wadepickett commented Jan 23, 2026

Fixed several issues, but now suddenly Policheck is blocking with several false positive hits:

It is throwing multiple errors on jquery-validation files. Which it should not even be reading since that is 3rd party.

Looking into finding a way to exclude Policheck of certain exceptions for anything on this path:
*\lib\jquery-validation*

Example path:
aspnetcore\security\authorization\claims\samples\7.x\WebAll\wwwroot\lib\jquery-validation\dist\additional-methods.js

One example error code:
Error Code: 79570 (Throws this error 3 times on same file and there are others like 79869, 80022)
The term country is used to label a country-specific format in code related to IBAN validation. To avoid geopolitical issues and ensure inclusivity, it should be replaced with country/region.

@guardrex & tdykstra, just a heads up. I'm trying to resolve this with the Policheck tool folks today. Looks like something was checked in or at least distributed new today that is going to keep us from successfully building anything that happens to have a jQuery library in it. Others are seeing this as well for blocking some Azure python related code from passing.

forcing a rebuild with a minor change to the ms.date to test policheck.
Successfully merging this pull request may close these issues.

Code sample for Claims-based authorization violate ASP0025

2 participants