8

Adding claims in ASP.NET Core Identity is straight forward enough, but I'm having trouble finding how to add a temporary session based claim.

My use case is such that a logged in user with their own custom claims needs to periodically have a new claim added, but only for the current session, and not persisted to the database. After they close their browser or sign out, the temporary claim should go away.

This is to satisfy a mechanism that temporarily changes the organization to which a user belongs for purposes of impersonation in an application that I'm migrating to asp.net Core.

I've found lots of advice here on SO for accomplishing this via GenerateUserIdentityAsync in previous versions of Identity but that does not seem to be available in the new version.

BenjiFB
  • 4,545
  • 10
  • 46
  • 53
ctorx
  • 6,841
  • 8
  • 39
  • 53
  • 1
    Is it acceptable to add this claims / claims during authentication? Or you need to add to active, authenticated users? If during authentication is acceptable, you could perhaps implement your own custom UserClaimsPrincipalFactory and add your own logic in regards to which claims the user gets there? Check this for some sample code: http://benfoster.io/blog/customising-claims-transformation-in-aspnet-core-identity – Base Sep 04 '16 at 19:23
  • I need this to occur after the user has already been authenticated. – ctorx Sep 05 '16 at 04:11
  • Did you managed to find the answer? I'm stuck with the same issue. The main idea is that it is needed to reissue new token. However I am not sure on correct way to do so. P.S. Possible duplicate here: http://stackoverflow.com/questions/40456777/how-to-add-claim-to-user-dynamically – Anatoliy 'TLK' Kolesnick Mar 14 '17 at 13:33
  • I'm curious about this as well. It seems that other solutions involve updating stored claims in the database before singing out and back in the user. – BenjiFB Dec 06 '18 at 01:51

0 Answers0