asp.net-coreasp.net-web-apiasp.net-identityidentityserver4
Add Role in Identity Core Token Response for ASP.NET Core SPA Template
So I'm using the ASP.NET Core React Template with built-in authorization. In that template, everything is working and I'm able to login and register an account via this
services.AddDefaultIdentity<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>();
services.AddAuthentication()
.AddIdentityServerJwt();
When I view the token via application localstorage, I get the following data. Without the role.
I also viewed the access token via jwt.io
My question is, how can I add the role there or the role in the jwt token?
Thank you!
Solution
You need to create a ProfileService which implements IProfileService interface
I share you code from my project
public class ProfileService : IProfileService
{
protected UserManager<ApplicationUser> UserManager;
public ProfileService(UserManager<ApplicationUser> userManager)
{
UserManager = userManager;
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
ApplicationUser user = await UserManager.GetUserAsync(context.Subject);
IList<string> roles = await UserManager.GetRolesAsync(user);
var claims = new List<Claim> {
// here you can include other properties such as id, email, address, etc. as part of the jwt claim types
new Claim(JwtClaimTypes.Email, user.Email),
new Claim(JwtClaimTypes.Name, $"{user.Firstname} {user.Lastname}")
};
foreach (string role in roles)
{
// include the roles
claims.Add(new Claim(JwtClaimTypes.Role, role));
}
context.IssuedClaims.AddRange(claims);
}
public Task IsActiveAsync(IsActiveContext context)
{
return Task.CompletedTask;
}
}
Add DI registration to Startup
services.AddTransient<IProfileService, ProfileService>();
Details in IdentityServer4 documentation
- How to disable the component hierarchy in Blazor?
- IdentityServer4 in IIS being recycled due to app_offline.htm when using discovery endpoint sometimes
- Interact with the Virtualize component
- Cannot resolve scoped service 'xx.IEnumerable`1[xx.IDbContextOptionsConfiguration`1[xx.ExampleDbContext]]...' after upgrading from .NET 8 to .NET 9
- How i can add endpoint (or сatch a request and check its path) to BCL?
- How does the "Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" package resolves types which are in "Microsoft.AspNetCore.dll"?
- Customize output Serilog
- Unhandled exception. System.InvalidOperationException
- Is it possible to use ASP.NET Core within an F# fsx script?
- How to send data with the size more than Signalr message size limit in Blazor?
- IDX12723: Unable to decode the payload '[PII of type 'System.String' is hidden
- UpdateRange method of Entity Framework Core does not work
- How to enable CORS in ASP.net Core WebAPI
- Why does my CORS configuration still block datatables from consuming an API?
- .NET return JSON without reformating
- .NET 8 & SQL Server 2016 - Contains() throws error
- Multiple many-to-many and multiple one-to-one relationships in the same entities
- Unable to Select Custom User Class in Identity Scaffolding
- How to redirect to an ASP.NET Core Razor Page without using routes
- Username is already taken when actually it is not ASP.NET Core
- Cancellation Token Injection
- How to log using serilog to elasticsearch with Elastic.Serilog.Sinks in .net application
- Invoking SignalR from Postman
- How does the Form Tag Helper determine the rendered form action?
- How can I get a list of registered middleware in ASP.NET Core?
- Why does my ASP.NET Core 5 Razor Page return a 404 on IIS, but not in Visual Studio?
- Add Username into Serilog
- Serilog logging to different tables
- VS 2022 ASP.Net Core MVC Simple Bootstrap Menu Not Working
- SignalR does not send anything to clients in BackgroundService/StopAsync