Tags: c#, oauth, openid, identityserver3, facebook-authentication

IdentityServer Facebook Auth changes subject id / is not the facebook id


I enabled the IdentityServer to authenticate with Facebook with the implicit flow.

Now when I get authenticated I get an id value as subject, like 502967fe0125ce3ff75050ef7b83fd68. I used it as a user id to store user-related data. But from time to time it seems like the content of the subject changes and I get a different id.

Am I misunderstanding the concept of the Subject? Is it expected that it is changing?

Shouldn't the subject id be constant? What information should I use to store user-related data?

This is how I configure the Facebook provider in the IdentityServer:

    public static void Configure(IAppBuilder app, string signInAsType)
    {
        // Katana Facebook middleware registered inside IdentityServer.
        var fb = new FacebookAuthenticationOptions
        {
            AuthenticationType = "Facebook",
            Caption = "Facebook",
            SignInAsAuthenticationType = signInAsType,
            AppId = myAppId,
            AppSecret = mySecret
        };
        app.UseFacebookAuthentication(fb);
    }

And here is the client config in the website:

    // Keep the JWT claim types as issued (no mapping to the legacy ClaimTypes names).
    JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = "cookies"
    });

    app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
    {
        AuthenticationType = "oidc",
        SignInAsAuthenticationType = "cookies",

        ClientId = "website",
        Authority = identServer,
        RedirectUri = "http://localhost/pluto/",
        ResponseType = "id_token token",
        Scope = "openid profile email warehouseapi"
    });

Solution

  • The sub claim represents the unique identifier of the user in the context of the STS.

    This typically means that a new sub is created the first time the user logs in. This sub is then associated with the external login (issuer name and external sub) and re-used.
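The mapping the answer describes, written out as an added example (not code from the question, the answer, or IdentityServer3 itself): an external login is keyed by the pair (issuer name, external sub), and the first login for that pair creates a local, opaque sub that every later login returns unchanged. The `ExternalLoginRegistry` class and its dictionary store are hypothetical and stand in for whatever user store backs the user service that handles external logins in IdentityServer; the Facebook-style ids are constructed sample values.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Hypothetical registry (added example): one stable local subject per
// (provider, providerUserId) pair, created on first login and re-used afterwards.
public sealed class ExternalLoginRegistry
{
    // key: "<provider>|<providerUserId>"   value: local stable sub
    // Keying on the provider as well as the id keeps two providers that
    // happen to issue the same id string from colliding.
    private readonly Dictionary<string, string> _subByExternalLogin =
        new Dictionary<string, string>(StringComparer.Ordinal);

    // Returns the existing local sub for this external identity, or creates
    // one on the very first login. The local sub never changes afterwards, so
    // it is the value to key user-related data on.
    public string GetOrCreateSubject(string provider, string providerUserId)
    {
        if (string.IsNullOrEmpty(provider))
            throw new ArgumentException("provider is required", "provider");
        if (string.IsNullOrEmpty(providerUserId))
            throw new ArgumentException("providerUserId is required", "providerUserId");

        string key = provider + "|" + providerUserId;
        string sub;
        if (_subByExternalLogin.TryGetValue(key, out sub))
            return sub;                      // returning user: same sub as before

        sub = NewOpaqueSubject();            // first login: mint a local sub
        _subByExternalLogin[key] = sub;
        return sub;
    }

    // True once the external login has been seen at least once.
    public bool IsKnown(string provider, string providerUserId)
    {
        return _subByExternalLogin.ContainsKey(provider + "|" + providerUserId);
    }

    // 128 random bits, hex-encoded: opaque, so the local sub reveals nothing
    // about the Facebook id it is linked to.
    private static string NewOpaqueSubject()
    {
        var bytes = new byte[16];
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(bytes);
        }
        return BitConverter.ToString(bytes).Replace("-", "").ToLowerInvariant();
    }
}

public static class Program
{
    public static void Main()
    {
        var registry = new ExternalLoginRegistry();

        // Constructed sample ids, not real Facebook user ids.
        string first = registry.GetOrCreateSubject("Facebook", "10000000000001");
        string again = registry.GetOrCreateSubject("Facebook", "10000000000001");
        string other = registry.GetOrCreateSubject("Facebook", "10000000000002");

        Console.WriteLine(first == again);   // True: same external login, same local sub
        Console.WriteLine(first == other);   // False: different external user, different sub
        Console.WriteLine(registry.IsKnown("Google", "10000000000001")); // False: different issuer
    }
}
```

The practical consequence for the question: the website should store its data against the `sub` that IdentityServer issues (which should stay constant once the user store persists the link), not against the Facebook id or any value derived from it. If the issued `sub` is observed to change between logins, the user service is minting a new subject instead of looking up the existing (provider, provider id) link, which is the behaviour to check first.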