Stack Overflow
Stack Overflow

Questions tagged [claims-based-identity]

Application model for presenting an identity to a claims aware application. This identity contains claim elements, such as email address or username, in a secure package from a trusted source. This model separates the application from the authentication mechanism.

Resources

Wikipedia Entry - Claims-based identity

MSDN Article - Exploring Claims-Based Identity by Kieth Brown

1595 questions
11
votes
1 answer

JWT How to add custom claims and decode claims

I am trying to retrieve some custom claims that I made when I created my token. However, I am not sure on what I should write to retrieve those claims. This is my token creation function public String createToken(AuthenticationDTO Input) { //Set…
JianYA
  • 2,750
  • 8
  • 60
  • 136
11
votes
1 answer

what are the URLs for in claim-types

Since I want to add custom claims into my application, I checked the sourcecode of ClaimTypes (decompiled with JetBrains decompiler). Here is a piece of it: namespace System.Security.Claims { /// Defines constants for the well-known claim…
Matthias Burger
  • 5,549
  • 7
  • 49
  • 94
11
votes
1 answer

Claims: difference between UPN, Name with Azure AD

In System.IdentityModel.Claims there are three entries: UPN, Name and…
Benoit Patra
  • 4,355
  • 5
  • 30
  • 53
11
votes
1 answer

Redirect loop with .Net MVC Authorize attribute with ADFS Claims

I have a problem configuring ADFS with my .Net MVC 5 app. I have configured my project in VS 2015 to use claims and it works ok, but I have an issue. I can sign in, ussing ADFS, I can check user roles etc. The problem occures when i try to use…
bunny1985
  • 762
  • 6
  • 21
11
votes
4 answers

Federated authentication in Sharepoint 2013: getting rtFa and FedAuth cookies

The scenario is the following: I need to perform a federated authentication of a user (which uses his university account) into the Sharepoint site of his university and to obtain both the FedAuth and rtFa cookies (which I have to pass to SharePoint…
metaphori
  • 2,681
  • 1
  • 21
  • 32
11
votes
2 answers

How do I invalidate claims using ASP.NET Identity?

I just upgraded some of my applications to ASP.NET MVC 5. I've been using ASP.NET Membership for ages and was exploring the possibility of switching to ASP.NET Identity. I'm building a little test application and I've got authentication working…
Justin Helgerson
  • 24,900
  • 17
  • 97
  • 124
11
votes
2 answers

POCO's with the new ASP.NET Identity and MVC 5.0 + claims-based Identity

With the new version of VS 2013 RTM and asp.net mvc 5.0, I’ve decided to try out a few things... Needless to say, a lot has changed. For example, the new ASP.NET Identity is a replacement of the old Membership and (less old) SimpleMembership…
Vlince
  • 5,885
  • 7
  • 45
  • 62
11
votes
1 answer

ClaimsPrincipal.Current vs. HttpContext.Current.User?

In MVC what's the difference between these 2? They look identical, and they even return the same Type/Class System.Web.Security.RolePrincipal but there're subtleties. Eg. The following code throws various errors when called against the instance…
Alwyn
  • 8,079
  • 12
  • 59
  • 107
10
votes
3 answers

Azure AD issues claims security groups names

I need my Azure AD to issue a claim with security group names. But there are only group object ids come out in the JWT token. How to get security group names? What I did so far: 1. Created a test security group and assigned a user to it. This is the…
Michael Chudinov
  • 2,620
  • 28
  • 43
10
votes
2 answers

Custom Claims lost on Identity re validation

I'm implementing Asp.NET MVC application with Identity 2.x Authentication and Authorization model. During LogIn process I add Custom Claims (not persisted in the DB!), deriving from data passed in the LogIn from, to the Identity and I can correctly…
l.raimondi
  • 389
  • 2
  • 14
10
votes
2 answers

choose between asp identity claims and sessions data

I am trying to make a choice between storing user specific data in my MVC application either as identity claims or as session data to reduce the number and frequency of database round trips on requests. However, considering performance, security and…
Josh
  • 1,660
  • 5
  • 33
  • 55
10
votes
2 answers

Complex Claim Values in .NET Framework with System.Security.Claims

I'm developing a web app with Asp.Net 5 MVC, Owin and Oauth2 bearer token as auth type. Following this guide that adds a custom complex claim Json serialized to an instance of Microsoft.IdentityModel.Claims.ClaimsIdentity with success, I've tried to…
systempuntoout
  • 71,966
  • 47
  • 171
  • 241
10
votes
4 answers

Asp.Net Identity - Setting CookieDomain at runtime

How can I set the CookieDOmain in the CookieAuthenticationOptions at runtime if i want to pull this value from the Request.Url or from some settings stored in my database? I want to support sub-domains, but also support multi-tenants too which each…
Paul Hinett
  • 1,951
  • 2
  • 26
  • 40
10
votes
1 answer

Security, Thread.CurrentPrincipal, and ConfigureAwait(false)

Would using Thread.CurrentPrincipal's claims in a referenced library that uses ConfigureAwait(false) pose any problems or will the flowing of ExecutionContext's logical call context take care of me there? (my reading and testing so far indicates…
Madeline Trotter
  • 370
  • 4
  • 14
10
votes
1 answer

Claims Based Authentication - SharePoint and generally

All, I've been doing a lot of reading around Claims Based Authentication and am still a bit confused. I'm trying to solidify my understanding, specifically relating to SharePoint 2010/2013, but also generally (i.e. ASP.NET). My understanding of…
Michael Taylor
  • 103
  • 1
  • 7
1 2 3
99 100