I am trying to find a document or example of how you would add custom claims to the user identity in MVC 5 using ASP.NET Identity. The example should show where to insert the claims in the OWIN security pipeline and how to persist them in a cookie using forms authentication.
61
votes
4 Answers
47
votes
Perhaps the following article can help:
var claims = new List<Claim>();
claims.Add(new Claim(ClaimTypes.Name, "Brock"));
claims.Add(new Claim(ClaimTypes.Email, "brockallen@gmail.com"));
var id = new ClaimsIdentity(claims,DefaultAuthenticationTypes.ApplicationCookie);
var ctx = Request.GetOwinContext();
var authenticationManager = ctx.Authentication;
authenticationManager.SignIn(id);
62
votes
The correct place to add claims, assuming you are using the ASP.NET MVC 5 project template is in ApplicationUser.cs. Just search for Add custom user claims here. This will lead you to the GenerateUserIdentityAsync method. This is the method that is called when the ASP.NET Identity system has retrieved an ApplicationUser object and needs to turn that into a ClaimsIdentity. You will see this line of code:
// Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType
var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
After that is the comment:
// Add custom user claims here
And finally, it returns the identity:
return userIdentity;
So if you wanted to add a custom claim, your GenerateUserIdentityAsync might look something like:
// Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType
var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
// Add custom user claims here
userIdentity.AddClaim(new Claim("myCustomClaim", "value of claim"));
return userIdentity;
6
votes
If you want to add custom claims at the time of registration then this code will work:
var user = new ApplicationUser
{
UserName = model.UserName,
Email = model.Email
};
var result = await UserManager.CreateAsync(user, model.Password);
// Associate the role with the new user
await UserManager.AddToRoleAsync(user.Id, model.UserRole);
// Create customized claim
await UserManager.AddClaimAsync(user.Id, new Claim("newCustomClaim", "claimValue"));
if (result.Succeeded)
{...etc
3
votes
you can do the following in WEB API C #
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
foreach(var Rol in roles)
{
identity.AddClaim(new Claim(ClaimTypes.Role, Rol));
}
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim(ClaimTypes.Email, user.Correo));
identity.AddClaim(new Claim(ClaimTypes.MobilePhone, user.Celular));
identity.AddClaim(new Claim("FullName", user.FullName));
identity.AddClaim(new Claim("Empresa", user.Empresa));
identity.AddClaim(new Claim("ConnectionStringsName", user.ConnectionStringsName));
....
