Stack Overflow
Stack Overflow

Questions tagged [claims-based-identity]

Application model for presenting an identity to a claims aware application. This identity contains claim elements, such as email address or username, in a secure package from a trusted source. This model separates the application from the authentication mechanism.

Resources

Wikipedia Entry - Claims-based identity

MSDN Article - Exploring Claims-Based Identity by Kieth Brown

1595 questions
8
votes
1 answer

ASP.NET Identity Claims

I am having an issue understanding the claims, especially roles. Following gives me two roles assigned to the user var roles = UserManager.GetRolesAsync(user.Id).Result; But when i get the claims and iterate through it, I only get the first role.…
learning...
  • 3,104
  • 10
  • 58
  • 96
8
votes
2 answers

Facebook MVC 5 ASP.NET Identity - Email is null for certain users

This is a problem i am trying to solve for a month now. (tried any possible article/code out there). In ExternalLoginCallback action, AuthenticationManager.GetExternalLoginInfoAsync() returns a valid object (with all the provider details) but email…
Yaron Levi
  • 12,535
  • 16
  • 69
  • 118
8
votes
2 answers

Difference between Roles and Claims

In our system we have a way to setup users with permissions. They create a group name, for example, Admin and then assign all the permissions for the tasks they would like to do. For example, they can add AddCompany, ViewCompany, DeleteCompany,…
Gillardo
  • 9,518
  • 18
  • 73
  • 141
8
votes
3 answers

ClaimsAuthenticationManager is not invoked

I'm facing a weird issue with the WIF ClaimsAuthenticationManager. I have registered the custom implementatin of the ClaimsAuthenticationManager in the web.config file:
ppoliani
  • 4,792
  • 3
  • 34
  • 62
8
votes
4 answers

BootstrapContext is null on ClaimsIdentity

I have created a new ASP.NET MVC application with .NET 4.5. I have successfully set up authentication with an STS. The authentication flow is working fine and I am able to get the ClaimsIdentity, containing the desired claims, on…
Unmesh Kondolikar
  • 9,256
  • 4
  • 38
  • 51
8
votes
1 answer

Remote Authentication to SharePoint Online with Custom Domain

We have used Remote Authentication to SharePoint Online to access a target O365 sharepoint site and retrieve the FedAuth and rtFA cookies. This works fine for a target url having a xxx.sharepoint.com domain. Now if this domain has been customized to…
Tinu
  • 695
  • 7
  • 12
8
votes
1 answer

Claims Authentication to SharePoint on iPhone

I have made a simple SharePoint client App for iPhone, which require access to some SharePoint web services (mainly /_vti_bin/Lists.asmx). I am having a trouble figuring out how to do this on newer SharePoint environment such as Office365. With old…
user1657506
  • 101
  • 1
  • 3
8
votes
1 answer

Different Service behaviors per endpoint

The situation We are implementing different sort of security on some WCF service. ClientCertificate, UserName & Password and Anonymous. We have 2 ServiceBehaviorConfigurations, one for httpBinding and one for wsHttpBinding. (We have custom…
Preben Huybrechts
  • 5,853
  • 2
  • 27
  • 63
7
votes
4 answers

Error while validating the service descriptor 'ServiceType: Microsoft.AspNetCore.Identity.IUserClaimsPrincipalFactory`1

This error occurs while trying to add-migration for the first time. I have added the extension method and my service class public void ConfigureServices(IServiceCollection services) { services.AddCors(); services.AddControllers(); …
Emmanuel Enyinnaya
  • 81
  • 1
  • 1
  • 3
7
votes
4 answers

How to deal with concurrency failure on IdentityUser update?

I have a method to update user claims within our app. I am logged as an admin user who can edit other users. I am trying to remove existing claims of one user and assign new ones. When removing claims using UserManger I am getting ConcurrencyFailure…
nickornotto
  • 1,946
  • 4
  • 36
  • 68
7
votes
1 answer

ASP.NET Core Authorization Policies: Can't step into the handler?

I have JWT-based claims authentication/ authorization set up in my .NET Core application, which authenticates as expected, but my policy enforcement is not acting as I would expect. I have a requirements implementation and handler set up as…
Jeremy Holovacs
  • 22,480
  • 33
  • 117
  • 254
7
votes
2 answers

Caching Claims in .net core 2.0

Looked up everywhere but looks like I am stuck right now. I am using Windows Active Directory in my application for authentication. For authorization, I am using claims. After searching through the limited .net core documentation, this is how my…
tanush
  • 101
  • 1
  • 9
7
votes
1 answer

How to refresh claims from Identity Server 4 AFTER profile update?

I'm using aspnet core 1.1 and Identity Server 4. I've created a policy in my client Startup.cs that denied all non-verified email accounts to use some sections of the website. Here's the code of my policy: //Add…
iPeo
  • 399
  • 2
  • 7
  • 16
7
votes
2 answers

Authorize Policy attribute always returns 403 forbidden using .net core Identity and JwtBearerAuthentication

Following this guide I was able to get authentication working using Microsoft.AspNetCore.Identity.EntityFrameworkCore Microsoft.AspNetCore.Authentication.JwtBearer Now I'm trying to secure my api endpoints with either roles, or claims. I've tried…
Kolby
  • 2,775
  • 3
  • 25
  • 44
7
votes
1 answer

ASP.NET Core Identity impersonate specific user

Let's say I have the following roles: Admin User I want Admin role to impersonate specific user account with User role, but without knowing that specific user account's password. Admin should be able to impersonate any user from the application…
bbusdriver
  • 1,577
  • 3
  • 26
  • 58
1 2 3
99 100