J86

Reputation: 15237

Entity in the API project has UserId; how do I get the username from IdentityServer4?

I have a .NET Core API that has an Artist.cs entity. This application has no Authentication or Authorization logic. All that is delegated to IdentityServer4 coupled with ASP.NET Identity.

    public class Artist
    {
        public int Id { get; set; }

        public string FirstName { get; set; }

        public string LastName { get; set; }

        public string UserId { get; set; }

        public DateTime CreatedAt { get; set; }
    }

I wish to have an endpoint on my API that shows the most recent submissions /artists/latest with a response like:

    [
        {
            "artist": "Ray Charles",
            "username": "John Doe"
        },
        {
            "artist": "BB King",
            "username": "Mary"
        }
    ]

The problem is, my API database does not have the username! It only stores the user Id. How do I get the username from the UserId?

Upvotes: 0

Views: 364

Answers (2)

João Antunes

Reputation: 818

Why doesn't that application have Authorization?

When you generate the token on IdentityServer, the client must ask for "profile" scope, and IdentityServer must allow it.

Then you will have access to the following profile claims:

  • name
  • family_name
  • given_name
  • middle_name
  • nickname
  • preferred_username
  • profile
  • picture
  • website
  • gender
  • birthdate
  • zoneinfo
  • locale
  • updated_at

Just make sure when you are creating users you are creating the "name" claim. When your API receives the access token, you can access the "name" claim.

Upvotes: 0

Kishan Vaishnav

Reputation: 2631

You need to access Username (Data stored in another database) from a different API.

Let's get some things straight. There are three different apps involved in this scenario.

  1. Identity Server: An MVC app or API which is responsible for providing the access_token.
  2. Resource Owner: The API which provides services related to the user info.
  3. Client: The API, which is trying to access the user info.

Here, the Identity Server and Resource Owner can be the same app in some cases.

There are two ways you can achieve it.

API way

  • Create an endpoint users\{userId} on the Resource Owner API.
  • Create a client on the Identity Server with the Client Credential grant type, which enables machine-to-machine access.
  • Set up Identity Server on the Resource Owner API with the client_id and client_secret configured in the Identity Server.
  • When the Client API receives a request on the /artists/latest endpoint, it needs access to the information of the user x:
    1. It sends an HTTP request to the Identity Server and saves the token (xyz) from the response somewhere so it can reuse it in the current request.
    2. Then it sends a new HTTP request to the Resource Owner API, like www.my-api.com/api/users/x, with the token as Authorization: Bearer xyz. From the response, it retrieves the required info.

You can also make an endpoint where you can send a list of user ids and it returns a list of user info.

Database way

The other way (Simpler way IMO)

If you have a data access layer in place, then you can just add it as a dependency of the Client API and use it directly.

If you don't have a DAL, then you can just create a library and paste the DBContext in it, then reuse it in any project you want.

Upvotes: 1
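
The two HTTP steps of the "API way" in the answer above, as an added C# sketch that is not part of the original answers or of IdentityServer4's own code. It assumes .NET Core 3.0 or later; the class name `UserDirectoryClient`, the `users.read` scope and the `userName` response field are hypothetical, and the `api/users/` path follows the answer's example URL.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text.Json;
using System.Threading.Tasks;
// Client API side of the "API way". UserDirectoryClient, the scope and the URLs are hypothetical.
public sealed class UserDirectoryClient
{
    private readonly HttpClient _http;
    private readonly string _tokenUrl, _usersUrl, _clientId, _clientSecret;
    private string _token;
    private DateTimeOffset _expiresAt = DateTimeOffset.MinValue;
    public UserDirectoryClient(HttpClient http, string authority, string usersApi, string clientId, string clientSecret)
    {
        // Keep clientSecret in a secret store or environment variable, never in source control.
        (_http, _clientId, _clientSecret) = (http, clientId, clientSecret);
        _tokenUrl = authority.TrimEnd('/') + "/connect/token"; // IdentityServer4 default token endpoint
        _usersUrl = usersApi.TrimEnd('/') + "/api/users/";
    }
    // Step 1: client credentials grant. The token is cached and reused until 30 s before expiry.
    // Not synchronized: concurrent callers may fetch a token twice, which is harmless.
    private async Task<string> GetTokenAsync()
    {
        if (_token != null && DateTimeOffset.UtcNow < _expiresAt) return _token;
        var form = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["grant_type"] = "client_credentials",
            ["client_id"] = _clientId,
            ["client_secret"] = _clientSecret,
            ["scope"] = "users.read" // assumed scope protecting the users endpoint
        });
        using var resp = await _http.PostAsync(_tokenUrl, form);
        resp.EnsureSuccessStatusCode();
        using var doc = JsonDocument.Parse(await resp.Content.ReadAsStringAsync());
        _token = doc.RootElement.GetProperty("access_token").GetString();
        _expiresAt = DateTimeOffset.UtcNow.AddSeconds(doc.RootElement.GetProperty("expires_in").GetInt32() - 30);
        return _token;
    }
    // Step 2: GET api/users/{userId} with "Authorization: Bearer <token>".
    public async Task<string> GetUserNameAsync(string userId)
    {
        // Escape the id so a stored value containing '/' or '?' cannot change the request path.
        using var req = new HttpRequestMessage(HttpMethod.Get, _usersUrl + Uri.EscapeDataString(userId));
        req.Headers.Authorization = new AuthenticationHeaderValue("Bearer", await GetTokenAsync());
        using var resp = await _http.SendAsync(req);
        resp.EnsureSuccessStatusCode();
        using var doc = JsonDocument.Parse(await resp.Content.ReadAsStringAsync());
        return doc.RootElement.GetProperty("userName").GetString(); // assumed response field
    }
}
```

Register one instance as a singleton so the cached token is shared across requests to /artists/latest instead of being requested once per user lookup.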
