Reputation: 9386
In my ASP.NET Core 1.1 application I'm using JWT tokens for authentication. Under certain conditions I need to add additional claims to the user which are not provided in the token.
So I hooked into the IJwtBearerEvents.TokenValidated event and tried to add additional claims in that event handler. I tried several things:
// (1) - doesn't work
((ClaimsIdentity)context.HttpContext.User.Identity).AddClaim(myNewClaim);
// (2) - doesn't work
var jwtToken = context.SecurityToken as JwtSecurityToken;
((ICollection<Claim>)jwtToken.Claims).Add(myNewClaim);
// (3) - doesn't work
context.HttpContext.User.AddIdentity(new ClaimsIdentity(new Claim[] { myNewClaim }));
No matter how I do it, I don't see these additional claims in User.Claims in the controller action.
What is the correct way to add additional claims after successful bearer token verification?
Upvotes: 2
Views: 3271
Reputation: 9386
The article linked by @MarkG shows a fourth way for accessing the claims - and this one works:
// (4) - works!
(context.Ticket.Principal.Identity as ClaimsIdentity).AddClaim(myNewClaim);
Upvotes: 3
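For context, the working snippet (4) placed inside a complete ASP.NET Core 1.1 `Startup`, as an added example that is not code from the original posts. The authority, audience, claim type, claim value, the `LocalIssuer` marker and the `NeedsExtraClaim` helper are hypothetical placeholders; the claim is given its own issuer so authorization code can tell it apart from claims that were covered by the token's signature.

```csharp
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    // Hypothetical issuer value marking claims added by this application,
    // as opposed to claims signed by the token issuer.
    private const string LocalIssuer = "urn:example:local-enrichment";

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc();
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseJwtBearerAuthentication(new JwtBearerOptions
        {
            Authority = "https://issuer.example", // placeholder
            Audience = "example-api",             // placeholder
            Events = new JwtBearerEvents
            {
                OnTokenValidated = context =>
                {
                    // Same object as in snippet (4): the principal carried by the ticket.
                    var identity = context.Ticket.Principal.Identity as ClaimsIdentity;
                    if (identity != null && NeedsExtraClaim(identity))
                    {
                        identity.AddClaim(new Claim(
                            "example_claim", "example-value",
                            ClaimValueTypes.String, LocalIssuer));
                    }
                    return Task.FromResult(0);
                }
            }
        });
        app.UseMvc();
    }

    // Hypothetical condition standing in for "under certain conditions".
    private static bool NeedsExtraClaim(ClaimsIdentity identity)
    {
        return identity.HasClaim(c => c.Type == "sub");
    }
}
```

In a controller action, `User.Claims.Where(c => c.Issuer == "urn:example:local-enrichment")` then selects only the locally added claims.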