Tuesday, January 17, 2017

ASP.NET Core: User.Identity.Name remains empty after authenticating using OIDC

After solving the problem I had yesterday, my OIDC middleware in ASP.NET Core was finally working. I was able to log in and I could find all my claims inside my ClaimsIdentity.

However this was not the end of all my problems as I noticed that the User.Identity.Name value was empty. Strange! Because when I took a look at my claims, a name claim was certainly there…

What is going on?

The thing is that Microsoft provided a NameClaimType and also a RoleClaimType property on ClaimsIdentity. These properties define which claims are used to represent the name (and role) on your User.Identity. As a default value they decided on using the following claim types (which were part of WIF):

These claim types are not part of the OIDC claim types and this explains why no mapping is happening…

To fix this you can update your OIDC middleware by adding a TokenValidationParameters section:
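The effect of these two properties can be reproduced without the middleware, using only System.Security.Claims. This is an added example, not code from the original post: the claim values are constructed, and the claim names "name" and "role" are assumptions about what your provider issues.

```csharp
using System;
using System.Security.Claims;

static class NameClaimDemo
{
    // Constructed sample claims with short claim names, as an OIDC ID token would carry them.
    // "role" is an assumed claim name; use whatever your provider actually issues.
    static Claim[] SampleClaims() => new[]
    {
        new Claim("sub", "1234"),
        new Claim("name", "alice"),
        new Claim("role", "admin"),
    };

    static void Report(string label, ClaimsIdentity identity)
    {
        var user = new ClaimsPrincipal(identity);
        Console.WriteLine($"{label}:");
        Console.WriteLine($"  NameClaimType     = {identity.NameClaimType}");
        Console.WriteLine($"  RoleClaimType     = {identity.RoleClaimType}");
        Console.WriteLine($"  Identity.Name     = {user.Identity.Name ?? "(null)"}");
        Console.WriteLine($"  IsInRole(\"admin\") = {user.IsInRole("admin")}");
    }

    static void Main()
    {
        // Default constructor: the identity looks for ClaimTypes.Name and ClaimTypes.Role
        // (the WIF-era URIs), so the short "name" and "role" claims are never matched.
        Report("default claim types", new ClaimsIdentity(SampleClaims(), "oidc"));

        // Same claims, but the identity is told which claim types carry name and role.
        // TokenValidationParameters.NameClaimType / RoleClaimType supply these two
        // values when they are set on the OIDC middleware options.
        Report("OIDC claim types", new ClaimsIdentity(SampleClaims(), "oidc", "name", "role"));
    }
}
```

The role mapping matters as much as the name: role-based authorization checks go through IsInRole, so an unmapped role claim makes them fail even though the claim is present on the identity.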
