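// Composition root: registers a forwarding ("policy") scheme that sends each request to
// either client-certificate or OpenID Connect authentication, then adds one claim-based
// authorization policy. The braces and statement terminators missing from the listing
// are restored here; the calls and option values are unchanged.
var builder = WebApplication.CreateBuilder(args);

builder.Services.AddAuthentication("DynamicScheme")
    // "DynamicScheme" is the default scheme. It authenticates nothing itself; it only
    // picks the scheme that will handle the request.
    .AddPolicyScheme("DynamicScheme", "Authorization Dynamic Scheme", options =>
    {
        options.ForwardDefaultSelector = context =>
        {
            // Anything under /api is authenticated by client certificate.
            if (context.Request.Path.StartsWithSegments("/api"))
            {
                return CertificateAuthenticationDefaults.AuthenticationScheme;
            }

            // Every other path goes through the interactive OpenID Connect flow.
            return OpenIdConnectDefaults.AuthenticationScheme;
        };
    })
    // NOTE(review): AddMicrosoftIdentityWebApp returns its own builder type. Confirm that
    // AddCertificate is reachable from it in your Microsoft.Identity.Web version; if not,
    // register the certificate scheme through a separate
    // builder.Services.AddAuthentication().AddCertificate(...) call.
    .AddMicrosoftIdentityWebApp(builder.Configuration)
    .AddCertificate(options =>
    {
        // NOTE(review): these two settings are the most permissive available.
        //  - NoCheck skips revocation checking, so a revoked client certificate is
        //    still accepted.
        //  - CertificateTypes.All admits self-signed certificates as well as chained ones.
        // No Events.OnCertificateValidated handler is registered in this listing, so
        // nothing visible here ties an accepted certificate to a known client. Before
        // exposing /api, either restrict to CertificateTypes.Chained under an issuer you
        // control, or check the thumbprint/subject against an allowlist in
        // OnCertificateValidated, and turn revocation checking on (X509RevocationMode.Online)
        // wherever the CA publishes CRL/OCSP endpoints.
        // The host (Kestrel/IIS/proxy) must also be configured to request client
        // certificates; that part is not shown here.
        options.RevocationMode = X509RevocationMode.NoCheck;
        options.AllowedCertificateTypes = CertificateTypes.All;
    });

builder.Services.AddAuthorization(options =>
{
    // Requires a "roles" claim whose value is "AzureGroup_AdminPrivilege_Read".
    // NOTE(review): the policy names no authentication scheme, so it is evaluated against
    // whatever identity the default scheme produced. A certificate-authenticated principal
    // presumably carries a "roles" claim only if something adds one (e.g. in
    // OnCertificateValidated) - confirm before relying on this policy under /api.
    options.AddPolicy(
        "Role_AdminPrivilege_Read",
        policy => policy.RequireClaim("roles", "AzureGroup_AdminPrivilege_Read"));
});

// The listing ends at Build(); the request pipeline is not shown.
var app = builder.Build();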
Then you can use it as shown below:
// Two alternative attributes (the listing shows no controller or action beneath them).
// Each one names the authentication scheme explicitly instead of leaving the choice to the
// path-based "DynamicScheme" selector.

// Endpoint authenticated through OpenID Connect (interactive sign-in).
[Authorize(AuthenticationSchemes = OpenIdConnectDefaults.AuthenticationScheme)]
// Endpoint authenticated by client certificate. It is only as strong as the AddCertificate
// options: with RevocationMode.NoCheck and CertificateTypes.All and no validation handler,
// review which certificates this actually admits before protecting anything sensitive with it.
[Authorize(AuthenticationSchemes = CertificateAuthenticationDefaults.AuthenticationScheme)]