ASP.NET MVC filters are used to add extra logic at the different levels of MVC Framework request processing. There are many articles available on the web about custom authorization filters. But very few have simple examples. My intention in this post is to depict the authorization filter with a step-by-step explanation using a simple example application. I will use a custom authentication filter also with this example. Our application will show the pages only after a successful login. We will create three different roles as “SuperAdmin”, “Admin” and “Normal”. Super admin type users can see all three pages, but Admin and Normal users can view only specific pages. We will create three different users with three different roles. We will use the Entity Framework as ORM (Object-relational mapper) to connect with SQL server database. We will use the code-first approach to create all tables and insert values to tables using the database migration process.