Using ASP.NET Profile as a Source for Claims in Thinktecture IdentityServer

If you are using the ASP.NET membership/roles/profile infrastructure in IdentityServer, we made it very easy in v2 to use the profile API to add per-user claims to outgoing tokens. Here’s how:

1 Enable Profile
Make sure the profile section is enabled in web.config:

<profile configSource=configuration\profile.config />

2 Set Profile Properties
In profile.config you specify the profile properties, e.g.:

<properties>
  <add name="City" />
  <add name="HomePage" />
  <add name="TwitterName" />

</properties>

The default provider repository will prefix the property names you specify with a http://identityserver.thinktecture.com/claims/profileclaims/ namespace. This value is not configurable right now, but you can modify the ProviderClaimsRepository.cs file if you want to change that.

3 Set Profile Values for the User
You can then set the values for the properties from the admin UI. First go to the users section and select Profile for the user in question:

Users

Then set the profile values:

Profile

4 Request a Token
The outgoing token for that user will now contain the profile values as claims. This is regardless which protocol you use to request a token:

ProfileClaims

 

HTH

This entry was posted in IdentityServer. Bookmark the permalink.

4 Responses to Using ASP.NET Profile as a Source for Claims in Thinktecture IdentityServer

  1. Cale Rath says:

    There is other data in membership that I would like to be provided as claims. For instance, application name. Is it possible, via configuration, to add additional claims from other tables in the membership DB schema?

  2. I have defined custom fields for profile. I have followed the same steps outlined above but the profile is not loading as claims. Any idea what could be the cause of this

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s