With evolution of ASP.Net MVC there are lot of inbuilt feature came and evolved with time. One of those is Authorization and Custom Authorization. The in-built function is sufficient enough to handle anonymous user restriction, user based on there name, specific roles for user with just single class AuthorizeAttribute . To implement we need to decorate attribute on any given class, action based on need. Example: [Authorize] public ActionResult Test() { } By just providing Authorize attribute anonymous user are restricted. It has Roles and Users property parameters to restrict access based on certain role or user which can accept multiple values by comma separated as string format. In one of the situation, I got chance to built an authorization where roles keep changing. Administrator can add new role, delete any role or modify existing role. In that situation we cannot map roles with codes. So, there were two way to achieve by creating group of roles and lettin