How can I add claims to the context for GetProfileDataAsync & IsActiveAsync for a custom user service?

Time: 2016-04-04 16:42:45

Tags: identityserver3

I am implementing a user service that is storing user info in Azure Table storage. I would like to use a value for tenant ID as part of my partition key, but the claims available in GetProfileDataAsync and IsActiveAsync are just the 5 built-in claims (sub, name, amr, idp, auth_time).

I get tenant ID from my identity provider and it's included as a claim in both my access token & identity token. How can I make it available to those methods?

1 answer:

Answer 0 (score: 4)

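When you call AuthenticateLocal, you return an AuthenticateResult to indicate the outcome of the authentication. If it is a success, use the ctor overload that accepts the subject and name values. There is also an optional claims collection. If you pass a value for claims, you add your own custom claims to IdentityServer's authentication cookie. Those claims are then part of the Subject in the GetProfile API (assuming the requests to those APIs are made via the browser, e.g. from an authorization request). You can then inspect those claims and use them in whatever way you want.

If the request is not made via the browser, the only claim on the Subject is the user's unique ID (i.e. the sub claim).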
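
The flow described in the answer, as an added example that is not code from the original post or from the IdentityServer3 project. It uses AuthenticateExternalAsync because the question's tenant ID comes from an identity provider; the same AuthenticateResult overload applies in AuthenticateLocalAsync. The claim type `tenant_id`, the `provider|id` subject format, and the in-memory `TenantBySub` store standing in for Azure Table storage are assumptions.

```csharp
using System.Collections.Concurrent;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using IdentityServer3.Core.Extensions;
using IdentityServer3.Core.Models;
using IdentityServer3.Core.Services.Default;

public class TenantUserService : UserServiceBase
{
    const string TenantClaim = "tenant_id"; // assumed claim type name
    // Stand-in for the Azure Table lookup, sub -> tenant (hypothetical store).
    static readonly ConcurrentDictionary<string, string> TenantBySub =
        new ConcurrentDictionary<string, string>();

    public override Task AuthenticateExternalAsync(ExternalAuthenticationContext context)
    {
        var ext = context.ExternalIdentity;
        var tenant = ext.Claims.FirstOrDefault(c => c.Type == TenantClaim);
        var sub = ext.Provider + "|" + ext.ProviderId; // assumed sub format
        if (tenant != null) TenantBySub[sub] = tenant.Value; // for non-browser requests
        // The optional claims collection ends up in the authentication cookie.
        context.AuthenticateResult = tenant == null
            ? new AuthenticateResult("The provider sent no tenant claim.")
            : new AuthenticateResult(sub, sub,
                new[] { new Claim(TenantClaim, tenant.Value) }, ext.Provider);
        return Task.FromResult(0);
    }
    public override Task GetProfileDataAsync(ProfileDataRequestContext context)
    {
        var tenant = ResolveTenant(context.Subject); // partition key for the profile read
        var wanted = context.AllClaimsRequested || (context.RequestedClaimTypes != null
            && context.RequestedClaimTypes.Contains(TenantClaim));
        if (tenant != null && wanted)
            context.IssuedClaims = new[] { new Claim(TenantClaim, tenant) };
        return Task.FromResult(0);
    }
    public override Task IsActiveAsync(IsActiveContext context)
    {
        context.IsActive = ResolveTenant(context.Subject) != null; // fail closed
        return Task.FromResult(0);
    }
    static string ResolveTenant(ClaimsPrincipal subject)
    {
        var claim = subject.FindFirst(TenantClaim); // present on browser requests
        if (claim != null) return claim.Value;
        string tenant; // otherwise only sub is on the Subject
        return TenantBySub.TryGetValue(subject.GetSubjectId(), out tenant) ? tenant : null;
    }
}
```

Because non-browser requests carry only sub, the tenant has to be recoverable from the subject ID alone, which is why the mapping is recorded at sign-in.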