Stack Overflow
Stack Overflow

Questions tagged [claims-based-identity]

Application model for presenting an identity to a claims aware application. This identity contains claim elements, such as email address or username, in a secure package from a trusted source. This model separates the application from the authentication mechanism.

Resources

Wikipedia Entry - Claims-based identity

MSDN Article - Exploring Claims-Based Identity by Kieth Brown

1595 questions
18
votes
2 answers

How to set TimeOut for OwinContext in MVC 5

When a user access a website and enters their credentials which are stored in our database, we when create an authentication. How do you set the timeout? Using MVC 5. My Authentication looks like this: var claims = new List(); …
DavidJS
  • 417
  • 2
  • 5
  • 16
18
votes
3 answers

How to create a ClaimsPrincipal that has Identity.Authenticated set to true?

I have the following method: protected override Task SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { if (Composite.C1Console.Security.UserValidationFacade.IsLoggedIn()) …
Poul K. Sørensen
  • 16,950
  • 21
  • 126
  • 283
17
votes
2 answers

Implementing custom claim with extended MVC Core Identity user

How can I create a custom authorize claim in MVC Core 2.0 (using AspNetCore.identity) to verify a custom user boolean property? I have extended the IdentityUser (ApplicationUser) to include a boolean value "IsDeveloper". I am using claims based…
davewilliams459
  • 1,679
  • 2
  • 15
  • 24
17
votes
6 answers

MVC 5 OWIN login with claims and AntiforgeryToken. Do I miss a ClaimsIdentity provider?

I'm trying to learn Claims for MVC 5 OWIN login. I try'ed to keep it as simple as possible. I started with the MVC template and inserted my claims code (see below). I get an error when I use the @Html.AntiForgeryToken() helper in the View. Error: A…
radbyx
  • 9,352
  • 21
  • 84
  • 127
17
votes
1 answer

Securing the JWT with a X509Certificate2 (JwtSecurityTokenHandler)

I managed to make the JwtSecurityTokenHandler work with X509Certificate2. I was able to sign the token with a X509Certificate2 object. I was also able to validate the token by using the certificate's raw data through X509Certificate2.RawData…
tugberk
  • 57,477
  • 67
  • 243
  • 335
16
votes
2 answers

Adding Claims-based authorization to MVC 3

I have an MVC app that I would like to add claims-based authorization to. In the near future we will use ADFS2 for federated identity but for now we will used forms auth locally. Has anyone seen a tutorial or blog post about the best way to use…
chief7
  • 14,263
  • 14
  • 47
  • 80
16
votes
1 answer

Can I modify claims in ASP.NET Identity with OWIN after calling SignIn?

Is is possible to retrieve and modify claims in a controller after SignIn has been called? This doesn't work for me: ClaimsIdentity i = (ClaimsIdentity)HttpContext.GetOwinContext().Authentication.User.Identity; i.AddClaim(new Claim("type",…
Josh
  • 6,944
  • 8
  • 41
  • 64
15
votes
2 answers

AspNetCore 2.0 Claims always empty

I am working on converting a DotNet 4.5 MVC/WebAPI application to AspNetCore 2.0, and I'm having some trouble getting my Cookie authentication working again. When I set the cookie and try to access a secure method, I can't get there. When I go into…
Danny Ellis Jr.
  • 1,674
  • 2
  • 23
  • 38
15
votes
3 answers

Authorization Policy With Multiple Claims

I have created multiple authorization policies, each with 1 claim in it, doing a role check, like so: options.AddPolicy("SuperAdminPolicy", policy => policy.RequireClaim(ClaimTypes.Role, "SuperAdmin")); That all works fine. However, I'm now at the…
Steviebob
  • 1,705
  • 2
  • 23
  • 36
15
votes
5 answers

How do I get an OID claim in ASPCore from Azure B2C

Why do I want this? I'm trying to get a unique identifier from my user which I can connect to database records. There are reasons I don't want to use the Email as the identifier. I read that SUB claim isn't supported with B2C, and to use OID in it's…
David Moores
  • 1,025
  • 2
  • 9
  • 23
14
votes
3 answers

How to add multiple policies in action using Authorize attribute using identity 2.0?

I am identity 2.1.2 with asp.net core 2.0, I have application claim table which have claim type and claim value i.e Assets ,Assets Edit,Assets, Assets View, where claim types are same with distinct claim values and I am creating policies using…
Alok Binwal
  • 153
  • 1
  • 1
  • 5
14
votes
2 answers

How to retrieve Claims Value in .Net Core 2.0

As it says in the title I have already assigned claims to the registered user, I am now trying to retrieve the claim value when the user logs into the application within the UserClaims table in sql server which I find a bit difficult to do as this…
cedPound
  • 367
  • 1
  • 3
  • 14
14
votes
1 answer

Where is http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name defined?

OASIS owns the http://schemas.xmlsoap.org/ws/2005/05/identity namespace, but I can't find anywhere that defines the "name" claim type. There are other claims like First Name, Last Name, Email Address, etc. but no claim that just refers to Name. Is…
Steven Padfield
  • 644
  • 1
  • 5
  • 12
14
votes
5 answers

Transforming Open Id Connect claims in ASP.Net Core

I'm writing an ASP.Net Core Web Application and using UseOpenIdConnectAuthentication to connect it to IdentityServer3. Emulating their ASP.Net MVC 5 sample I'm trying to transform the claims received back from Identity Server to remove the "low…
Piers Lawson
  • 747
  • 2
  • 5
  • 18
14
votes
2 answers

Update Claims values in ASP.NET One Core

I have a Web Application in MVC 6 (Asp.Net One Core), and I'm using Claims based authentication. In the Login method I set the Claims: var claims = new Claim[] { new Claim("Name", content.Name), new Claim("Email", content.Email), new…
Martín
  • 3,105
  • 7
  • 25
  • 43
1 2 3
99 100