Questions tagged [claims-based-identity]

Application model for presenting an identity to a claims aware application. This identity contains claim elements, such as email address or username, in a secure package from a trusted source. This model separates the application from the authentication mechanism.

0
votes
0answers
8 views

Adding role to context

I have the following code which working fine for authentication // POST api/Account/AddExternalLogin [Route("AddExternalLogin")] public async Task<IHttpActionResult> ...
0
votes
0answers
6 views

SSO and Authorization Best Practices between applications

Assume you have two applications with their own User Registery (accounts, roles, and permissions) and you use an Identity Provider to authenticate user againts a common user registery like Active ...
0
votes
0answers
13 views

How to sign in an external ClaimsIdentity using IdentityUser Asp.Net Core 2.2?

Context Summary I'm building a prototype WebApp which I want to integrate to Quickbooks Online. This WebApp will in turn offer options to call a WebApi that will be responsible to make the requests ...
0
votes
1answer
24 views

IdentityServer4 System.ArgumentNullException: Value cannot be null. Parameter name: type when trying to refresh token

I have identityserver4 v2.4 setup to user ASP.Net Identity and Entity Framework as an operational store. When I call tokenClient.RequestRefreshTokenAsync(oldRefreshToken); as follows, I always get an ...
0
votes
0answers
22 views

Setting authentication cookie in SS Blazor (1.0 Preview 5)

I am trying to use claims identity with server-side (SS) Blazor 1.0 P5. The CookieAuthenticationHandler reports that the user has been signed-in, however no cookie is set for the domain: No need to ...
0
votes
0answers
6 views

One login but two user registry (two ADs)

I need some advice regarding if it is a good idea to have one single credentials (username/password) for a user in an organization that has two Active Directories. Some of users exist in both ADs (...
0
votes
0answers
23 views

How to grant access to users externally authenticated and not registered in my WebApp using asp.net core 2.2?

Summary This is my first try with OAuth2 and External Login Mechanisms. I'm creating a WebApp that will expose API features through a user-friendly UI. In order to make API calls, I need to receive ...
1
vote
2answers
76 views

JWT authorization with roles in Identity Core

I have trouble with understanding Roles in Identity Core My AccountController looks like this, I added Roles in claims in GenerateJWTToken method: [HttpPost("Login")] public async Task<object&...
0
votes
0answers
28 views

Passing the RP realm identifier to an IP-STS from ADFS3 as a R-STS

We have a federation between ADFS v3 and Identity Server v4 and the authentication chain is like below using WsFederation Ids (CP) -> ADFS -> Claims Aware App(RP) 1.User goes to Claims Aware app ...
0
votes
1answer
38 views

How to add values to claims and retrieve it from web api - .Net core

I am using Asp .net core 2.1 How to add values such as userId to claims at the time of login and retrieve claims values in Web api?
0
votes
0answers
93 views

Keycloak REST API called with C#

I need an easy and simple way to consume the Keycloak REST APIs from https://www.keycloak.org/docs-api/5.0/rest-api/index.html with ASP.NET Core C#. I tried using the https://github.com/mattmorg55/...
0
votes
0answers
18 views

Add a new table for customer ,login with the same session with users in AbpUsers,but report FK error in settings

I divide the website into FrontEnd and BackEnd(Areas) . I add a new table which is used to save the the Customers who sign up in Frontend. then the customer can login. Customers are different from ...
0
votes
1answer
83 views

Getting the identity token (id_token) within redirect URI (MVC Controller)

I'm hoping this is mostly agnostic from Okta (the service we are using for social logins), but I'm having a hard time finding documentation. I'm using .NET Core 2.0+ and my Startup.cs looks like this: ...
0
votes
1answer
285 views

ASP .NET CORE 2.2 JWT & Claims identity Authentication for Website

I have an .net core 2.2 api which generates (on a successful login) a JWT token which contains a claims identity that passes along information such as the username, permissions and roles of the ...
0
votes
0answers
117 views

User Claims is NULL when opening page through WEB VIEW in mobile (.net core)

Is there any way to access user claims when accessing your web page through mobile (web view). I am able to access claims when accessing page via WEB but it is showing NULL when accessing same page ...
0
votes
0answers
22 views

How to Transform LDAP Query to SAML Claim Rules

I have a website that is set up to query ldap (specifically Microsoft AD), and then authenticate and search the groups the member is a part of upon successful login. I am now trying to migrate the ...
0
votes
0answers
15 views

Identity Claims showing as null after accessing

Interesting problem I have. My post-authentication ClaimsIdentity becomes null after being accessed. It doesn't seem to matter how it's access, any access at all nulls out the claims. Viewing the ...
1
vote
2answers
65 views

Integration between Two IdentityServer4 (aspnet identity)

I'm trying to do IdentityServer4(A) integration with another IdentityServer4(B) implementation. These two are currently working independently from each other. I already did some progress with this, ...
0
votes
2answers
34 views

Is the name identifier claim of a given ClaimPrincipal provided to an Azure Function the same across different applications?

I have an application built on Azure Functions. My users can use Facebook, Google and Microsoft as a Identity Providers as my application has been registered in each of these providers. My Azure ...
0
votes
1answer
49 views

Getting access to “employeeId” or “jobTitle” Claim via Asp.Net Core 2.2 with AzureAd

I'm trying to extend the claims I get back from AzureAd. I know there's more available, but I have no idea where to start. The documentation is all over the place. I basically have an ASP .Net Core 2....
0
votes
1answer
48 views

Is there a way to use Identity 2.0 AspNetUsers Authentication (Azure SQL) AND OpenIdConnect (to use Azure Active Directory)?

The big idea... A user inputs their email to sign in. We look to see whether their company uses Azure Active Directory (Azure AD) or not. If they do, go to Microsoft to sign in. If not, sign in using ...
1
vote
1answer
176 views

Why is the 'identityProvider' claim missing in the ClaimsPrincipal running in an Azure Function v2?

I have an Azure Function App that is deployed in 2 environments, one for Development and one Production, each with their own URL. In both environments, the functions are configured to enable users to ...
0
votes
1answer
36 views

How to check claim for value in API request (ASP.NET Core 2.2)

I'm using claims-based-identity in ASP.NET Core 2.2 From what I've read, it's possible to make custom claims/policy authorization using the following format (found in this answer) [Authorize(Policy =...
0
votes
0answers
73 views

ASP.NET Core ClaimsPrincipal with multiple ClaimsIdentity

I am quite new to asp.net core (2.1) and trying to build an mvc application with local user accounts. The application uses the Identity framework and a local sql server db with the default schema. ...
1
vote
1answer
42 views

asp.net role based authorization with wildcard names

I am trying to implement the role based authorization in .net core web api. I don't have the fixed role names. I have to validate with the common prefix only. For example, in JWT claim the role will ...
1
vote
1answer
270 views

Adding Redirection immediately after Login in ASP.Net Core 2.1 using Identity Core

Hi guys I am trying to achieve redirections immediately after Login in a .Net Core 2.1 application using Identity Core. The redirections are dependent on roles of the logged in user. I am getting a ...
1
vote
1answer
45 views

Null Reference Exception for ClaimsType in IdentityCore, Getting claims as null

Hi guys I am trying out Identity Core, I need to get the details of the user who has logged in. I am trying the following: var result = await _signInManager.PasswordSignInAsync(Input.Email, Input....
1
vote
0answers
76 views

Problem adding Azure AD user extension to id token claims

I'm attempting to follow the documentation here to add a user extension to my id token's set of claims, but I can't get it to show up in the token I'm getting. I've created a user extension in an on-...
0
votes
1answer
82 views

How Claims are mapped in asp.net core

I am new to asp.net core and I am currently working in the multi-tenant application.I am now stuck because i have no idea of how the claims are mapped in asp.net core I am getting the above error ...
1
vote
2answers
55 views

Store array of int into claims with AddClaims

I want to put an array of int in one of my claims on a web application .net core 2.2. When logging in to create the ticket I use this to add claims, but how to add a complex object. if (ticket....
0
votes
1answer
90 views

Invalidate ClaimsPrincipal after it has been modified

I am using ASP.NET MVC, Identity2. I have added "FirstName" Custom ClaimPrincipal: public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser, long> manager) ...
0
votes
1answer
35 views

Is it possible to do Custom Claim Transformations in AzureAD like you can with ADFS?

We are attempting to use AzureAD as a IDP for Amazon Web Services and provide the ability for our users to role switch into other accounts / levels of access based on their AD Group memberships. The ...
0
votes
0answers
105 views

OAuth2 Resource Owner Password Credentials with Dynamic Client registration

I am implementing login within a new native application (iOS and Android) and deciding on the kind of authentication to adopt. There are some quite clear guidelines around OAuth that state that this ...
0
votes
0answers
28 views

Update user claims without updating authentication time

I've seen many posts about updating user claims but finally they all use SignIn method which updates authentication time. There is a core functionality in my web application based on authentication ...
0
votes
2answers
494 views

User.Identity.Name is null after federated Azure AD login with aspnetcore 2.2

I've followed AzureAD aspnetcore sample as closely as possible to try and implement Azure AD authentication in our aspnetcore 2.2 webapp. I am able to login successfully using Azure AD. However, the ...
0
votes
3answers
70 views

How to get user claims by using JWT Bearer token

Am sending Bearer Token in the header from Postman. Now I need to get User Claim in the API using that bearer token. The code which I tried is not working means am not getting user Name/Email. How can ...
-2
votes
1answer
18 views

Question about Regex to edit claim and remove part of email / username

Completely new to regex only read a few guides my problem is as follows. A 3rd party solution is being connected to our Adfs 2016 enviroment. We have run into a problem as the solution cannot handle ...
0
votes
0answers
18 views

Caching claims in custom authorization policy

Can anyone please guide how to cache claims in a custom authorization policy so that I don't have to hit the database to get all rights, each time a new service request comes from the client? ...
0
votes
1answer
46 views

Using .net Core Identity with my business

I have a tree which is in a table named cartable. I want to use .net core Identity to grant some permissions to this tree like these: Each Role has some permissions such as "Read Letter","Create a ...
0
votes
1answer
58 views

Azure AD Authentication for Intranet Web Application

We are developing Intranet web application using NET framework is 4.6.1 (C#). Both UI (MVC) and backend (Web API) would be deployed as separate web apps in IIS. The requirement is to authenticate user ...
4
votes
1answer
198 views

Multiple JWT bearers for authorization and authentication

I have a .NET Core IdentityServer (IS) for SSO, which I want to use for authentication of my .NET Core(backend)-Angular (client) app. I want to have an EF ApplicationUser on the backend and Claim ...
0
votes
1answer
29 views

Azure Active Directory B2C local accounts sign-up with profile picture

Is it possible to upload the profile picture while user signs up with a local account? I've implemented with the built in claims but not sure how i can provide a picture at the time of signing up.
0
votes
1answer
82 views

How to get Email address from the principal in ASP.net?

I am trying to get the Email associated with the current user. The following shows few lines that I add Claims in authentication. public override async Task GrantResourceOwnerCredentials(...
0
votes
0answers
47 views

Azure Claims - Mobile claim not exposed

I'm using custom policy to add Azure AD as an identity provider for my Azure AdB2C instance. I configured output claims to get from Azure AD, but not all claims exposed, After hours of searching why ...
0
votes
1answer
43 views

Claim permission value with context

I'm starting to use claim-based authorization for my asp.net web API project. In my projects users can have permission to edit entities. But user have permission to edit entity1, but not entity2. In ...
1
vote
4answers
402 views

How to make custom user claims be available in API requests

I have a solution consisting of: ASP.NET Core 2.1 running IdentityServer4 on top of ASP.NET Identity Core. ASP.NET Core 2.1 Web API set to use the IdentityServer as the authentication provider. A ...
0
votes
1answer
105 views

Configuration of claims provider for application group or relying party

I have a Windows Server 2016 on which I am using ADFS. I followed the link at https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-ad-fs-to-authenticate-users-stored-in-...
0
votes
1answer
115 views

ASP.NET Identity Core 2: add custom claim based on login URL

I've got an ASP.NET core application which implements a custom UserClaimsPrincipalFactory , including the following method: protected override async Task<ClaimsIdentity> GenerateClaimsAsync(...
0
votes
1answer
63 views

ASP.NET Core Identity Claim inheritance not working

According to the docs, when I add a user to a role, he inherits all of its claims. However, I have hit a roadblock where I know the user has a specific role and I also know that these roles have some ...
0
votes
2answers
43 views

How to get access token for authenticated user to make an authorized resource api call?

I have simple MVC 5 Owin project that uses a Auth server for authentication to request a token. When a user has logged in, how can I get the user's token to make other protected requests on the API? ...

http://mssss.yulina-kosm.ru