I have an ASP.NET Core Web API that serves mobile applications via endpoints. In Development mode, it's OK, every user can see it, but in production it's not correct.
I want to use MiniProfiler in production also, but the profiler has critical and sensitive data inside of it.
So, how can I prevent every user or no admin privileges users from reaching the MiniProfiler screens by using JWT Admin Role.
What are the available options?
