How to add custom roles to ASP.NET Core

In addition to Temi's detailed answer, remember to replace

 services.AddDefaultIdentity<IdentityUser>()
            .AddEntityFrameworkStores<DbContext>();

with

 services.AddIdentity<IdentityUser, IdentityRole>().AddEntityFrameworkStores<DbContext>();

Also, make sure that the types specified in AddIdentity<> are the same as the types called in serviceProvider.GetRequiredService<>.

For the above, our types called in serviceProvider.GetRequiredService<> in Configure.cs would be

 var roleManager = serviceProvider.GetRequiredService<RoleManager<IdentityRole>>();
 var userManager = serviceProvider.GetRequiredService<UserManager<IdentityUser>>();

Another important thing to note is that since CreateRoles(IServiceProvider) (from Temi's answer) is an async method, to call it in the Configure method (which returns void), you can use CreateRoles(serviceProviderInstance).Wait(); Hope this helps.


You could do this easily by creating a CreateRoles method in your Startup class. This helps check if the roles are created, and creates the roles if they aren't, on application startup. Like so:

private async Task CreateRoles(IServiceProvider serviceProvider)
{
    // Adding custom roles (Question 1)
    var RoleManager = serviceProvider.GetRequiredService<RoleManager<IdentityRole>>();
    var UserManager = serviceProvider.GetRequiredService<UserManager<ApplicationUser>>();
    string[] roleNames = { "Admin", "Manager", "Member" };
    IdentityResult roleResult;

    foreach (var roleName in roleNames)
    {
        var roleExist = await RoleManager.RoleExistsAsync(roleName);
        if (!roleExist)
        {
            // Create the roles and seed them to the database (Question 2)
            roleResult = await RoleManager.CreateAsync(new IdentityRole(roleName));
        }
    }

    // Here you could create a super user who will maintain the web app
    var poweruser = new ApplicationUser
    {
        UserName = Configuration["AppSettings:UserName"],
        Email = Configuration["AppSettings:UserEmail"],
    };

    string userPWD = Configuration["AppSettings:UserPassword"];

    // Note: the lookup reads AppSettings:AdminUserEmail while the user above is built
    // from AppSettings:UserEmail; both keys must hold the same address for this
    // existence check to find the seeded user on later startups.
    var _user = await UserManager.FindByEmailAsync(Configuration["AppSettings:AdminUserEmail"]);

    if (_user == null)
    {
        var createPowerUser = await UserManager.CreateAsync(poweruser, userPWD);
        if (createPowerUser.Succeeded)
        {
            // Here we tie the new user to the role (Question 3)
            await UserManager.AddToRoleAsync(poweruser, "Admin");
        }
    }
}

and then you could call the await CreateRoles(serviceProvider); method from the Configure method in the Startup class. Ensure you have IServiceProvider as a parameter in the Configure class.

Edit: If you're using ASP.NET Core 2.x, my article here provides a much more detailed experience.


Adding to Temi's answer and Xavier's comment to it, my experience with this was a little different using asp.net-core-2.

In order to get this working I had to add the IServiceProvider as a parameter of the Configure method to get an instance of it.

public void Configure(
    IApplicationBuilder App,
    IHostingEnvironment Env,
    ILoggerFactory LoggerFactory,
    IServiceProvider ServiceProvider
)
{
    /* trimmed */

    CreateRoles(ServiceProvider).Wait();
}
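
An added example, not code from any of the answers above: a variant of the CreateRoles seeding that checks every IdentityResult (Identity reports failures such as a password-policy rejection through the result, not an exception) and also handles an admin account that exists but never received the role. It assumes IdentityUser/IdentityRole and the AppSettings keys used in the answer; RoleSeeder, SeedAsync and Check are hypothetical names.

```csharp
using System;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

public static class RoleSeeder // hypothetical helper, not from the answers
{
    private static readonly string[] RoleNames = { "Admin", "Manager", "Member" };

    public static async Task SeedAsync(IServiceProvider services, IConfiguration config)
    {
        var roleManager = services.GetRequiredService<RoleManager<IdentityRole>>();
        var userManager = services.GetRequiredService<UserManager<IdentityUser>>();

        foreach (var roleName in RoleNames)
        {
            if (!await roleManager.RoleExistsAsync(roleName))
                Check(await roleManager.CreateAsync(new IdentityRole(roleName)), $"create role {roleName}");
        }

        // One key for both lookup and creation, so the existence check matches the seeded user.
        var email = config["AppSettings:UserEmail"]
            ?? throw new InvalidOperationException("AppSettings:UserEmail is not configured");
        var user = await userManager.FindByEmailAsync(email);
        if (user == null)
        {
            var password = config["AppSettings:UserPassword"]
                ?? throw new InvalidOperationException("AppSettings:UserPassword is not configured");
            user = new IdentityUser { UserName = config["AppSettings:UserName"], Email = email };
            Check(await userManager.CreateAsync(user, password), "create admin user");
        }

        // Covers a previous run that created the user but failed before the role was added.
        // Assumption: the configured address belongs to the operator, not a self-registered account.
        if (!await userManager.IsInRoleAsync(user, "Admin"))
            Check(await userManager.AddToRoleAsync(user, "Admin"), "add user to Admin");
    }

    // Turn a failed IdentityResult into an exception so startup stops instead of continuing silently.
    private static void Check(IdentityResult result, string step)
    {
        if (!result.Succeeded)
            throw new InvalidOperationException(
                $"Identity seeding failed at '{step}': " +
                string.Join("; ", result.Errors.Select(e => e.Description)));
    }
}
```

Called from Configure the same way the answers call CreateRoles, a seeding failure now aborts startup rather than leaving the application running without its admin account.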