Asp .Net Identity default claims added after login

0
votes

I have noticed that after a user registers and logins to my website some default claims are being added that are not in the database.

enter image description here

As in the picture we have nameidentifier, name and SecurityStamp which are not in my database and I guess they are added on sign in. I need to prevent the name claim from being added as it seems to be overriding the claim with claim type name that i add to database on registration for a user.

This is how i add claims on registration for a user. (Maybe I am using wrong claim for users Firstname?)

enter image description here

So to sum it up can i turn off the default claims being added or should i use different claim type?

2
c#asp.net

2 Answers

2
votes

ClaimTypes.Name is generally used for the username/login name

ClaimTypes.NameIdentifier is the user Id.

Use ClaimTypes.GivenName for Forename

https://msdn.microsoft.com/en-us/library/system.identitymodel.claims.claimtypes(v=vs.110).aspx

There's also nothing stopping you creating your own claim types if there isn't a built in one that matches your need (e.g. FullName)

0
votes

This is how i add claims on registration for a user. (Maybe I am using wrong claim for users Firstname?)

You don't need to add the claims yourself, you can use UserClaimsPrincipalFactory<IdentityUser> to do it for you:

  1. Define in your controller injected dependencies:
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;

// Inject the following
UserManager<AppUser> userManager,
IOptions<IdentityOptions> identityOptions
  1. In action do this:
var factory = new UserClaimsPrincipalFactory<AppUser>(userManager, identityOptions);
var claimsPrincipal = await factory.CreateAsync(user);

If for some reason you can't use the factory, you can consult the latest identities from ClaimsIdentityOptions and from the UserClaimsPrincipalFactory source codes.