Get the current user, within an ApiController action, without passing the userID as a parameter

Shaun Luttin picture Shaun Luttin · Feb 7, 2014 · Viewed 132.9k times · Source

How do we get the current user, within an secure ApiController action, without passing the userName or userId as a parameter?

We assume that this is available, because we are within a secure action. Being in a secure action means that the user has already authenticated and the request has her bearer token. Given that WebApi has authorized the user, there may be a built in way to access the userId, without having to pass it as an action parameter.

Answer

Darrel Miller picture Darrel Miller · Feb 7, 2014

In WebApi 2 you can use RequestContext.Principal from within a method on ApiController