Stack Overflow
Stack Overflow

Questions tagged [claims]

Claims were introduced in .NET4.5 to build Claims based authentication into the framework in the form of ClaimsIdentity and ClaimsPrincipal in the System.Security.Claims namespace.

Claims were introduced in .NET4.5 to build Claims based authentication into the framework in the form of ClaimsIdentity and ClaimsPrincipal in the System.Security.Claims namespace.

556 questions
7
votes
3 answers

Identity Server - Identity/Resource scope - How can client get resource claims about the user

I have read Dominik's blog post on authentication vs permission modeling using Identity Server (https://leastprivilege.com/2016/12/16/identity-vs-permissions/). Since I am mostly using role based authorization, I am fine using IdentityServer as…
sharppanda
  • 81
  • 1
  • 7
7
votes
1 answer

MVC 5 and use of claims default authentication

I have a question regarding the claims in MVC 5. So basically imagine I have a registered user in DB, now the user is going to log in, like so: private async Task SignInAsync(ApplicationUser user, bool isPersistent) { …
Alnedru
  • 2,573
  • 9
  • 50
  • 88
6
votes
1 answer

How to add/manage user claims at runtime in IdentityServer4

I am trying to use IdentityServer4 in a new project. I have seen in the PluralSight video 'Understanding ASP.NET Core Security' that IdentityServer4 can be used with claims based security to secure a web API. I have setup my IdentityServer4 as a…
Levitybot
  • 481
  • 5
  • 8
6
votes
2 answers

WCF, Claims, ADFS 3.0

I'm trying to understand what I need to develop a framework using WCF, Claims and ADFS 3.0. The internal users will authenticate against Active Directory, External User authenticate against SQL Server table and the authorization is stored in…
Fab
  • 904
  • 2
  • 14
  • 38
6
votes
3 answers

How to separate large cookies in Asp.Net Identity into a smaller ones to allow MANY claims?

I'm working on a prototype of a claims-based authorisation for our MVC application. We use Asp.Net Identity for authentication. We would like to have a claim for every controller action and then give/take away users' claims so we have a very fine…
trailmax
  • 34,305
  • 22
  • 140
  • 234
6
votes
3 answers

What is issuer/issuer claim in security manner?

I'm new to security manner and .NET security manner. I see a lot about the claims, and issuer, etc but I feel confused about the definition. In easy English, what is claim? And what is an issuer/original issuer in claim?
Vu Nguyen
  • 3,605
  • 3
  • 22
  • 34
5
votes
1 answer

Microsoft.Identity.Web: OnTokenValidated event not triggered

What I'm trying to do is add a claim after authentication. The following example of registering an OnTokenValidation event does not do the trick. The event never triggers. I'm using Microsoft.Identity.Web to authenticate on Azure AD B2C. That part…
Franz
  • 53
  • 1
  • 4
5
votes
3 answers

Okta not returning custom claims in tokens

I just signed up for a dev test account with Okta to test OIDC using Okta's auth service and user management. Using their management portal, I created a second group called Test Group along with the default group of Everyone and added my single user…
RHarris
  • 10,641
  • 13
  • 59
  • 103
5
votes
1 answer

What is different between Claims used in ApiResource and Scope in IdentityServer4

I have created a ResourceApi in my IndetityServer4 something like this: I have defined a ApiResource called API 1 and specify directly claims - name, sub for this api resource and I've extended this resource and specify two scopes named Api1.Read…
Jenan
  • 3,408
  • 13
  • 62
  • 105
5
votes
5 answers

How do I get a custom field out of the payload using JJWT

OK, I am adding a couple of custom claims to the payload when I generate the JWT, and I can pull those out just fine in my front-end (javascript). I then have my javascript send an ajax call to a micro-service and it passes the JWT along with it. I…
Jacob Miles
  • 196
  • 1
  • 2
  • 13
5
votes
2 answers

How to extract and get a claim from token?

I've been looking for an exact answer but it seems most answers are client call and out of the scope. Question: I already have an access token access token. How to get a claim using c# code given an access token ONLY? I think: Below are the same…
choopau
  • 2,209
  • 5
  • 21
  • 28
5
votes
3 answers

ASP.NET Core Facebook Authentication Middleware user picture

I'm trying to retrieve user profile picture with Facebook Authentication middleware in ASP.NET Core 1.0. I have managed to add these configurations to make the user picture availble app.UseFacebookAuthentication(new FacebookOptions() { …
Ahmad
  • 2,629
  • 3
  • 22
  • 27
5
votes
1 answer

Unrecognized configuration section system.identityModel

I keep getting this error when building: Unrecognized configuration section system.identityModel I have added the following to my config:
Chris
  • 365
  • 7
  • 19
5
votes
1 answer

Prefix OAuth properties ? i.e. as:client_id

I am seeing a lot of people using "as" as a prefix for return items on OAuth for example as:client_id Can anyone tell me what significance this has? I don't see it in the OAuth specs Thanks
Martin
  • 23,844
  • 55
  • 201
  • 327
5
votes
2 answers

Trying to override CreateAsync function on ClaimsIdentityFactory

Few days ago, I found a very good tutorial about MVC, Identity and OWIN by Ben Foster. The tutorial is here I've just finished the tutorial, and I've found a problem trying to override the function 'CreateAsync'. Visual Studio doesn't allow…
oriol.puig
  • 73
  • 1
  • 7
1 2
3
37 38