0

Is it possible to take some custom Claims, for example like this:

Find a user with given PIN number and Device_Id, grab values for that user and put them into claims.

CredentialsDb dbctx = new CredentialsDb();
var usr = dbctx.Credentials.Where(u => u.PIN == model.PIN && u.Device_Id == model.Device_Id).SingleOrDefault();

var identity = new ClaimsIdentity();
identity.AddClaim(new Claim("UserName", usr.UserName));
identity.AddClaim(new Claim("Device_Id", usr.Device_Id));
identity.AddClaim(new Claim("Device_Name", usr.Device_Name));
identity.AddClaim(new Claim("PIN", usr.PIN.ToString()));

And create a security token out of them? How this token can be build, if we are not using some STS and how can client consume it later? Anyone has some idea or good tutorial for sharing?

Improve this question

1 Answer 1

Reset to default
1

This is how I am doing it in my web api application, where I want to fetch all the roles for the user from the database and add them one by one to my Identity's claims:

Fetching the user:

IdentityUser user = new ApplicationDbContext().Users.Where([your conditions here...]).FirstOrDefault();

Creating the Identity:

var id = new ClaimsIdentity(context.Options.AuthenticationType);

And using a loop to add the roles to the claims of that identity:

foreach (IdentityUserRole R in user.Roles)
            {
                id.AddClaim(new Claim(ClaimTypes.Role, RolesProvider.RoleNameById(R.RoleId)));
            }

Of course you can use a similar logic to add any kind of information you have obtained about that specific user. Does that answer you question?

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.