-
Notifications
You must be signed in to change notification settings - Fork 217
Utility classes
Microsoft Identity Web contains additional classes that you might find useful.
In web apps that sign in users, ASP.NET Core transforms the claims in the ID token to a ClaimsPrincipal
instance, held by the HttpContext.User
property. In the same way, in protected web APIs, the claims from the JWT bearer token used to call the API are available in HttpContext.User
.
The library provides extension methods to retrieve some of the relevant information about the user in the ClaimsPrincipalExtensions
class.
If you want to implement your own token cache serialization, you might want to use this class, for instance to get the key of the token cache to serialize (typically GetMsalAccountId()
).
In the other direction, ClaimsPrincipalFactory
instantiates a ClaimsPrincipal
from an account object ID and tenant ID. These methods can be useful when the web app or the web API subscribes to another service on behalf of the user, and then is called back by a notification where the users are identified by only their tenant ID and object ID. This is the case, for instance, for Microsoft Graph Web Hooks notifications.
Finally, you can create a ClaimsPrincipal
from an instance of MSAL.NET IAccount
, using the ToClaimsPrincipal
method in AccountExtensions
.
- Home
- Why use Microsoft Identity Web?
- Web apps
- Web APIs
- Using certificates
- Minimal support for .NET FW Classic
- Logging
- Azure AD B2C limitations
- Samples
- Web apps
- Web app samples
- Web app template
- Call an API from a web app
- Managing incremental consent and conditional access
- Web app troubleshooting
- Deploy to App Services Linux containers or with proxies
- SameSite cookies
- Hybrid SPA
- Web APIs
- Web API samples
- Web API template
- Call an API from a web API
- Token Decryption
- Web API troubleshooting
- web API protected by ACLs instead of app roles
- gRPC apps
- Azure Functions
- Long running processes in web APIs
- Authorization policies
- Generic API
- Customization
- Logging
- Calling graph with specific scopes/tenant
- Multiple Authentication Schemes
- Utility classes
- Setting FIC+MSI
- Mixing web app and web API
- Deploying to Azure App Services
- Azure AD B2C issuer claim support
- Performance
- specify Microsoft Graph scopes and app-permissions
- Integrate with Azure App Services authentication
- Ajax calls and incremental consent and conditional access
- Back channel proxys
- Client capabilities