What is the purpose of the Issuer claim? Do I need to set one when creating a ClaimsIdentity and/or check for one when accessing that ClaimsIdentity from a Web API controller?
Asked
Active
Viewed 427 times
1 Answers
0
"Do I need to set?" Depends on where it goes. If they expect one then you should set it. I normally do, even though it may be "overruled/moved" when converted into a signed SAML token.
"Do I need to check it"? Short answer is no, normally not. A first check is already performed on the Issuer through the issuerNameRegistry, by WSFAM (or whoever picks up the SAML Token). Some people look at the "OriginalIssuer" and they sometimes use it in HomeRealmDiscovery.
paullem
- 1,261
- 7
- 8