This tutorial shows how to create an ASP.NET Core web app with user data protected by authorization. It displays a list of contacts that authenticated (registered) users have created. There are three security groups:
Registered users can view all the approved data and can edit/delete their own data.
Managers can approve or reject contact data. Only approved contacts are visible to users.
Administrators can approve/reject and edit/delete any data.