How do I get other claims of the user using ADFS?

Question

I am able to authenticate the user using ADFS and succeded in getting the user alias using the below statement. Since some time, i am looking for a way in getting the other claims of the authenticated user, like email, name, roles, username etc.

Any help on this would be appreciated.

string alias = ((MicrosoftAdfsProxyRP.MicrosoftPrincipal)HttpContext.Current.User).Alias;

Response.Write (alias);

Answer 1

Have a look at How to: Access Claims in an ASP.NET Page.

Just in case the link disappears, the key is:

void Page_Load(object sender, EventArgs e)
{
    // Cast the Thread.CurrentPrincipal
    IClaimsPrincipal icp = Thread.CurrentPrincipal as IClaimsPrincipal;

    // Access IClaimsIdentity which contains claims
    IClaimsIdentity claimsIdentity = (IClaimsIdentity)icp.Identity;

    // Access claims
    foreach(Claim claim in claimsIdentity.Claims)
    {
      Response.Write(claim.ClaimType) + "<BR>";
      Response.Write(claim.Value) + "<BR>";
      Response.Write(claim.ValueType) + "<BR>";
    }
}

Answer 2

You're asking the world a question about an internal Microsoft service and interface. Try emailing the msftadfsproxydisc alias with your question.

Answer 3

The Claims way of getting the other claims is as follows.

IClaimsPrincipal claimsPr = (IClaimsPrincipal)(HttpContext.Current.User) From the claims principle you can get the ClaimsIdentityCollection through the IClaimsIdentity.

Get the IClaimsIdentity from the claimsPr.Identifies.

Then inspect all the claims present in the IClaimsIdentity using the Claims property.