Duende Software
Allow custom NameClaimType and RoleClaimType in LocalApiAuthenticationHandler.HandleAuthenticateAsync #501
Unanswered
bilenth
asked this question in
IdentityServer
Replies: 1 comment
-
|
@bilenth this can be configured by handling the I’m not sure how you’re setting up the local api, but since you're talking about the low level builder.Services.AddLocalApiAuthentication(principal =>
{
principal.Identities.First().AddClaim(new Claim("my-custom-scope", "my_local_api"));
return Task.FromResult(principal);
}); |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Currently, in the method
LocalApiAuthenticationHandler.HandleAuthenticateAsync, the ClaimsIdentityis instantiated with hardcoded claim types:https://github.com/DuendeSoftware/products/blame/cc5e631a3497bb3b4cc4efc7221de83c59cd0b50/identity-server/src/IdentityServer/Hosting/LocalApiAuthentication/LocalApiAuthenticationHandler.cs#L167
Request:
Could we make the NameClaimTypeand RoleClaimTypeconfigurable instead of being hardcoded to JwtClaimTypes.Nameand JwtClaimTypes.Role? This would allow developers to use custom claim types that better match their application's authentication schema.
Proposed Solution:
Add properties (e.g., NameClaimTypeand RoleClaimType) to the authentication options or handler configuration. These properties could then be used when creating the ClaimsIdentity. For example:
This change would provide greater flexibility for projects using different claim type identifiers.
Beta Was this translation helpful? Give feedback.
All reactions