IdentityServer4 Add Claims to /connect/token

Question

I found a couple answers on here that were similar to what I needed but the problem with all of them is that they are for versions of IdentityServer4 that are outdated. Right now I'm using IS4 version 1.2 and I'm trying to add claims to /connect/token. I'm using Postman to connect to this location which currently returns a regular access token. I need custom claims in this token. The official documentation is rather sparse in this regard. Any examples or pointers to docs that cover this a bit further in depth would be much appreciated!

Answer 1

As Scott says, you need to define within your ApiResource and/or ApiScope which claims you expect to be available in the token.

If you are dealing with custom claims (i.e. pieces of information only you know how to retrieve from your identity structures) then you will also need to provide an implementation of the IProfileService and make sure that is added into the pipeline in the ConfigureServices method.

services.AddTransient<IProfileService, CustomProfileService>();

You can then implement whatever logic you like to populate the context with the claims requested in context.RequestClaimTypes.

Answer 2

You can set claim types that should be returned in an access token either by adding them to the UserClaims collection on an ApiResource or an ApiScope.

To set hardcoded claims (both type and value) you do this on the Claims collection on a Client.