-
-
Notifications
You must be signed in to change notification settings - Fork 764
Extending standard access token claims #818
Comments
configure the scope claims on the scope - return the claims from the user service. |
Thanks a lot for quick answer ,you mean that claims should be added to StandardScopes.cs ? |
no - you create custom scopes. |
One more question ,Dominick.If I would like to initialize this claim from client .For example we have client credentials flow (web site running under anonymous user identity accessing protected resource in order to create entity) in which the client will pass entity Id in order to be token claim.My final target is to couple between token and entity id and use it claim (entity id) as parameter for protected resource. |
The client has a claims collection that you can use to add arbitrary claims to a client (at configuration time) I don't see "entity id" becoming a claim ever - it is rather part of the api call payload. |
The main difficult is that anonymous user may create resources and connect assets to this resources there for I want to connect access token to this resource id in order to avoid data compromise. Before user is authenticated the access token issued for web site which means that resource id might be changed and data might be compromised.What would be your advice to target this issue. |
I guess I don't understand the issue. if there is no user - then all you have is the client. |
In our platform the end user may create application and add to this application different assets without be authenticated. |
Sorry I still don't get it - i am missing the full context. Maybe you need consulting, something i can't do over the issue tracker - in any case you have full control over the token contents in IClaimsProvider. |
Is it OK to contact you on dominick.baier@thinktecture.com for consulting purposes? |
Sure. Just send me an email. Sent from my iPhone
|
Here's an example how to add Claims to Access Token http://stackoverflow.com/a/35539114/1689049 |
I would like to extend access token claims ,what is the right way to do it .I suppose that IClaimsProvider should be implemented.
The text was updated successfully, but these errors were encountered: