Reputation: 2223
OAuth 2.0 Client Credentials get user id
I am using Identity Server 3 and following example from here. Client Credentials using OAuth 2.0.
I overwritten AuthorizeAttribute but when I look at the ClaimsIdentity Name and Actor are null. Is this by design? I am responsible to populate them? If so how? I see that Claims has client_id but why it's not getting reflected in Name or Actor?
Q: How can I get identity of who is calling?
Upvotes: 0
Views: 1914
Answers (1)
Reputation: 15005
We have two definition in OAuth, User and Client
User is a human participant which basically has username and password.
Client is an application which User use which has a client_Id and client_secret.
When you using Client Credentials there is no User involved, and only clientId and ClientSecret is sent, therefor both Actor and Name property is null, because these properties are bind to user. In this case you should use Password, Code or Implicit Grant Type which have user involved.
Upvotes: 1
Related Questions
- Retrieve user information from Web API OAuth Bearer authentication
- How to get identity in API using OpenID Connect
- How to request User Info from IdentityServer4
- How to get user id from IdentityServer in client app when including access token?
- how to pass clientid and client secret in oauth2.0 in c#
- how to generate OAuth client identifier and client secret?
- OAuth2Client clientId and clientSecret not set
- OWIN + OAuth - How to provide User ID instead of UserName
- How to get UserID in OWIN OAuth .NET
- Getting User ID after OAuth Login