Getting custom claim value from bearer token (Web API)

asp.net asp.net-web-api claims-based-identity bearer-token
Impworks picture Impworks · Oct 27, 2014 · Viewed 15.5k times · Source

In my ASP.NET Web API project I'm using bearer token authorization and I have added some custom claims to it, like this:

var authType = AuthConfig.OAuthOptions.AuthenticationType;
var identity = new ClaimsIdentity(authType);
identity.AddClaim(new Claim(ClaimTypes.Name, vm.Username));

// custom claim
identity.AddClaim(new Claim("CompanyID", profile.CompanyId.ToString()));

Is there any way I can access this additional claim value in the controller without an extra trip to the database?

Answer

Taiseer Joudeh picture Taiseer Joudeh · Oct 27, 2014

Sure, inside your protected controller you do the following:

 ClaimsPrincipal principal = Request.GetRequestContext().Principal as ClaimsPrincipal;
 var customClaimValue = principal.Claims.Where(c => c.Type == "CompanyID").Single().Value;

Related questions

Why is my ClaimsIdentity IsAuthenticated always false (for web api Authorize filter)?

In a Web API project I am overriding the normal authentication process to check tokens instead. The code looks something like this: if ( true ) // validate the token or whatever here { var claims = new List<Claim>(); claims.Add( new …

Read More
POSTing JsonObject With HttpClient From Web API

I'm trying to POST a JsonObject using HttpClient from Web API. I'm not quite sure how to go about this and can't find much in the way of sample code. Here's what I have so far: var myObject = (dynamic)new …

Read More
How should I pass multiple parameters to an ASP.Net Web API GET?

I am using the .Net MVC4 Web API to (hopefully) implement a RESTful api. I need to pass in a few parameters to the system and have it perform some action, then return a list of objects as the results. …

Read More