
How to use InboundClaimTypeMap for claim mapping?


I have a similar problem as here: https://github.com/IdentityServer/IdentityServer3.Samples/issues/9

But solution is not helpful for me.

So let's explain in more detail with pictures and code:

I have this on client:

enter image description here

No need to map, because NameClaimType (RoleClaimType) and the claim in the list of claims are the same:

    JwtSecurityTokenHandler.InboundClaimTypeMap.Clear();

On Api project I have:

enter image description here

In this case (if I understand correctly), I have to map, because NameClaimType & RoleClaimType are not the same as the claim values.

    JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>
    {
        {"role", System.Security.Claims.ClaimTypes.Role},
        {"name",System.Security.Claims.ClaimTypes.Name }
    };

But it is still not working. What am I doing wrong?


Solution

  • InboundClaimTypeMap is used to transform the incoming claims. It doesn't set the NameClaimType and RoleClaimType properties.

    Your authentication middleware should have the option to set name and role claim types. For instance:

    app.UseIdentityServerBearerTokenAuthentication(
      new IdentityServerBearerTokenAuthenticationOptions
        {
          ...,
          NameClaimType = System.Security.Claims.ClaimTypes.Name,
          RoleClaimType = System.Security.Claims.ClaimTypes.Role 
        });
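
The distinction drawn in the answer above, as an added example that is not part of the original question or answer. It uses only `System.Security.Claims`: `ApplyInboundMap` is a hypothetical stand-in for the renaming the token handler performs, and the `nameType`/`roleType` constructor arguments play the part of `NameClaimType`/`RoleClaimType`. `Identity.Name` and `IsInRole` resolve only when those two settings match the claim types actually present on the identity, so a mismatch shows up as an empty name and failed role checks rather than as an error.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

static class ClaimTypeDemo
{
    // Hypothetical stand-in for the handler's inbound mapping:
    // rename any claim type found in the map, leave the rest untouched.
    static IEnumerable<Claim> ApplyInboundMap(
        IEnumerable<Claim> claims, IDictionary<string, string> map) =>
        claims.Select(c => map.TryGetValue(c.Type, out var mapped)
            ? new Claim(mapped, c.Value)
            : c);

    static void Report(string label, IEnumerable<Claim> claims,
                       string nameType, string roleType)
    {
        // nameType/roleType decide which claims Identity.Name and IsInRole read.
        var identity = new ClaimsIdentity(claims, "Bearer", nameType, roleType);
        var principal = new ClaimsPrincipal(identity);
        Console.WriteLine($"{label}: Name={identity.Name ?? "(null)"}, " +
                          $"IsInRole(admin)={principal.IsInRole("admin")}");
    }

    static void Main()
    {
        // Constructed sample claims, shaped like a token payload with short types.
        var tokenClaims = new[]
        {
            new Claim("name", "alice"),
            new Claim("role", "admin")
        };
        var map = new Dictionary<string, string>
        {
            { "role", ClaimTypes.Role },
            { "name", ClaimTypes.Name }
        };

        // Case 1: map cleared, identity configured for the short types.
        Report("no map, short types", tokenClaims, "name", "role");
        // Case 2: claims renamed by the map, identity still configured for short types.
        Report("map, short types", ApplyInboundMap(tokenClaims, map), "name", "role");
        // Case 3: claims renamed by the map, identity configured for the mapped URIs.
        Report("map, ClaimTypes.*", ApplyInboundMap(tokenClaims, map),
               ClaimTypes.Name, ClaimTypes.Role);
    }
}
```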