When is the ProfileDataRequestContext.RequestedClaimTypes parameter not empty?

Question

When is the ProfileDataRequestContext.RequestedClaimTypes parameter not empty?

I am trying an IdentityServer4 demo project and I am adding user requests for ProfileDataRequestContext.IssuedClaims to IProfileService . One thing I noticed is that there is a collection of context.RequestedClaimTypes that is always empty in any resource / identity / scope configuration options I tried. Under what conditions is the data in this collection?

+5

identityserver4

dstr Feb 08 '17 at 8:56

source share

3 answers

If you define UserClaims in the definition of your ApiResources , they will be populated in context.RequestClaimTypes . For instance:

 new ApiResource { Name = "TestAPI", ApiSecrets = { new Secret("secret".Sha256()) }, UserClaims = { JwtClaimTypes.Email, JwtClaimTypes.EmailVerified, JwtClaimTypes.PhoneNumber, JwtClaimTypes.PhoneNumberVerified, JwtClaimTypes.GivenName, JwtClaimTypes.FamilyName, JwtClaimTypes.PreferredUserName }, Description = "Test API", DisplayName = "Test API", Enabled = true, Scopes = { new Scope("testApiScore) } }

Your ProfileDataRequestContext.RequestClaimTypes will then contain these request requests so that your Identity Server will execute as you see fit.

+7

Mashton Feb 10 '17 at 8:52

source share

I found out that if you set client.GetClaimsFromUserInfoEndpoint = true , and additional feedback is made to the endpoint /connect/userinfo , and the request requested the value " sub ".

-1

dstr Feb 09 '17 at 8:40

source share

dstr · Accepted Answer · 2017-04-18T07:11:35+0000

Answer: https://github.com/IdentityServer/IdentityServer4/issues/1067

Whenever you request a scope that has claims associated with it.

When is the ProfileDataRequestContext.RequestedClaimTypes parameter not empty?

More articles: