Add interface to validate incoming identity #2148
Comments
Would it be acceptable to use the user service's |
Actually, I think I've already come to a conclusion -- this is conflating |
Completely agree with the last one. søn. 17. jan. 2016, 22.51 skrev Brock Allen notifications@github.com:
|
Added |
also open a doc issue. |
So how is this supposed to work then? When will this code hit and should I be looking for (or set) any specific claim in the principle? |
When you validate the user's identity in the user service you can emit any claims you want into the cookie for IdSvr. These claims will be present in this check. You so whatever you want in this API to say yes or no. |
Awesome! |
To be used from the CookieAuthenticationProvider on our main cookie middleware to reject incoming cookie.
The text was updated successfully, but these errors were encountered: