Libby  Shields

Libby Shields

1595296200

ASP.NET Core Identity Claims based Authorization

What are the claims?

The identity of the user consists of a set of properties like Unique Id, Name, Email Id, Email Verified, etc and these properties are called claims. A claim set is a list of properties that belongs to the user. Claims contain information about the user that can be used to build a flexible authorization model. These claims get assigned to the user when a new user is created using the register link. A claim is typically like a key-value pair.

ASP.NET Core Identity by default comes with claims for a user and we can implement our own custom claims as well. There can be multiple claims of the same type.

Authorization using a claim can be implemented based on the value of the claim for that user. Access to protected resources can be determined by comparing the claims needed to access the resource with the claims available for the user.

Implement a Custom Claim

In our previous demo, we created a custom user profile property Full Name which we will add to our list of custom claims i.e. claim list will contain a custom claim ‘FullName’

We will work on the source code which we created as part of the previous article where we added Identity to an existing Sample Blog Application. Here is the link to base source code which will be used for this demonstration.

Display all claims

First, let’s add a link to display all the claims from the identity of the logged-in user. We will add a new link ‘Claims’ besides post link & corresponding action in new user controller & cshtml to display all the available claims.

Add user controller

Add user controller to implement action for list of claims for the user

[Authorize]
public class UserController : Controller
{
    private readonly ILogger<UserController> _logger;

    public UserController(ILogger<UserController> logger)
    {
        _logger = logger;
    }

    public IActionResult Claims()
    {
        return View();
    }
}

Add view to display claims

This cshtml will iterate claims in identity user object to display all the available claims.

#programming #asp.net core 3.1 #asp.net core identity #identity claims #security

ASP.NET Core Identity Claims based Authorization