c#asp.net-web-api2 asp.net-identity claims-based-identity asp.net-authentication

ASP.NET Identity "Role-based" Claims

I understand that I can use claims to make statements about a user:

var claims = new List<Claim>();
claims.Add(new Claim(ClaimTypes.Name, "Peter"));
claims.Add(new Claim(ClaimTypes.Email, "peter@domain.com"));

But how should I store "role-based" claims? For example:

The user is a super administrator.

claims.Add(new Claim("IsSuperAdmin, "true"));

The value parameter "true" feels completely redundant. How else can this statement be expressed using claims?

Solution

This is already done for you by the framework. When user is logged in, all user roles are added as claims with claims type being ClaimTypes.Role and values are role name.

And when you execute IPrincipal.IsInRole("SuperAdmin") the framework actually checks if the claim with type ClaimTypes.Role and value SuperAdmin is present on the user.

So don't need to do anything special. Just add a user to a role.

Sort program not working, not sure why
Fast & accurate atan/arctan approximation algorithm
What's the difference between strtok_r and strtok_s in C?
How memory address for pointer to arrays is same as an element in 2D array?
Which is the best way to suppress "unused variable" warning
How to use ellipsis in c's case statement?
How can I exclude non-numeric keys? CS50 Caesar Pset2
Fast ceiling of an integer division in C / C++
Is there an invalid pthread_t id?
How to Implement Universal Setter/Getter Functions for Interrupt-Driven Variables in Embedded C?
How does SIMD (avx) processing work? for example, if I want 10 32 bit floats how do i fit in a 256 bit avx vector?
FDCAN problems on STM32G4
How does the call macro enable mutual recursion between functions f and g in this Hanoi Tower implementation?
Running test on Rocket core CPU - global variable initialized to 0 is unsuccessful, output wrong value instead
Interacting with C arrays without knowing the size
Combination of two strings
Avoiding strcpy overflow destination warning
carriage return by fgets
How to use special characters in C?
Why does 1.0/100.0 == 0.1/10.0 give True?
Is it correct to compare pointers in C?
Force free() to return malloc memory back to OS
How can I print to standard error in C with 'printf'?
What is the standard behavior of fread in C on Windows?
How is strtok removing lines it shouldn't have access to?
Using array as smart point in C
Assigning string to malloced 2d char array not working as intended
How to refactor repetition inside a Makefile?
Why does an empty preprocessor command still evaluate to something?
How to implement variable sized array within C struct