Reputation: 13217
Custom user data in access token with ASOS
I'm trying to impement the OpenID Connect server using AspNet.Security.OpenIdConnect.Server.
Is it possible to place some custom user data to the access token when issuing token at authorization Server and then retrieve it at Resource Server during token validation and request processing?
Example: I want to write to the access token an IP address that was used to get token by user. Then at the resource server I want to compare current user IP address and IP address from token during token validation.
Another example: I want to write user's roles to token and then retrieve them in WebApi action filter or action itself
Upvotes: 1
Views: 389
Answers (1)
Reputation: 42070
Consider simply storing the IP address as a claim:
identity.AddClaim("ip_addr", HttpContext.Connection.RemoteIpAddress.ToString(),
OpenIdConnectConstants.Destinations.AccessToken);
Then, in your API controller, retrieve it using:
var address = User.FindFirst("ip_addr").Value;
Upvotes: 2
Related Questions
- How to pass custom values to identityserver4 with oauth?
- How do I customize /connect/token to take custom parameters?
- Get User Info From Access Token WebApi Asp.net Core
- Use UserManager GenerateUserTokenAsync to create custom tokens with extra data
- Identity Server 4 Client Credentials for custom endpoint on token Server
- Asp.NetCore Identity - Create custom token provider
- Add additional information to access token for IdentityServer 4
- Token Authentication- Set custom User Property
- OAuth token bearer extra user information
- How can I set Extra Data into Access Token in Authorization code flow