ASP.NET Core - Adding a Role to a User

I have an ASP.NET Core application (based on the .NET Framework) that uses Windows authentication. The point is, I need to add a role claim for this user, and this role is stored in a remote database.

I read so much about OWIN / Cookie / UserManager / UserStore / Identity etc. that I got lost.

Question: How do I add a role claim for the current Windows-authenticated user, for the entire application, in the easiest way?

I just need to use [Authorize(Roles = "MyAddedRole")] or bool res = User.IsInRole("MyAddedRole").

Thanks

+5
2 answers

To answer the question, here is what I did:

I created my own UserClaimStore (I only need this store, not the others):

    public class MyIdentityStore : IUserClaimStore<IdentityUser>
    {
        private MyDbContext _myDbContext;
        private bool _disposed = false;

        public MyIdentityStore(MyDbContext myDbContext)
        {
            _myDbContext = myDbContext;
        }

        #region IUserClaimStore
        public Task<IList<Claim>> GetClaimsAsync(IdentityUser user, CancellationToken cancellationToken)
        {
            // logic here to retrieve claims from my own database using _myDbContext
        }

        // All other methods from interface throwing System.NotSupportedException.
        #endregion

        #region IDisposable Support
        protected virtual void Dispose(bool disposing)
        {
            /* do cleanup */
        }
        #endregion
    }

Then I created my own ClaimsTransformer:

    public class MyClaimsTransformer : IClaimsTransformer
    {
        private UserManager<IdentityUser> _userManager;

        public MyClaimsTransformer(UserManager<IdentityUser> userManager)
        {
            _userManager = userManager;
        }

        public async Task<ClaimsPrincipal> TransformAsync(ClaimsTransformationContext context)
        {
            var identity = ((ClaimsIdentity)context.Principal.Identity);

            // Accessing the UserClaimStore described above
            var claims = await _userManager.GetClaimsAsync(new IdentityUser(identity.Name));
            identity.AddClaims(claims);

            return await Task.FromResult(context.Principal);
        }
    }

Finally, in Startup.cs:

    public void ConfigureServices(IServiceCollection services)
    {
        /* All other stuff here */

        // Adding Database connection
        services.AddDbContext<MyDbContext>(o => /* my options */);

        // Associates our database and store to identity
        services.AddIdentity<IdentityUser, IdentityRole>()
            .AddEntityFrameworkStores<MyDbContext>()
            .AddUserStore<MyIdentityStore>();

        // Claims transformation from database to claims
        services.AddTransient<IClaimsTransformer, MyClaimsTransformer>();
    }

    public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
    {
        /* All other stuff here */

        app.UseIdentity();

        app.UseClaimsTransformation(async (context) =>
        {
            // Retrieve user claims from database
            IClaimsTransformer transformer = context.Context.RequestServices.GetRequiredService<IClaimsTransformer>();
            return await transformer.TransformAsync(context);
        });
    }

And now I can freely use [Authorize(Roles = "MyRole")] or User.IsInRole("MyRole") or even User.HasClaim(/* */)!

+7
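An added example (not part of the answer above, and not any project's own code): the same idea written against IClaimsTransformation, the service that replaced IClaimsTransformer in ASP.NET Core 2.0. It puts the database roles in a separate identity and guards against being applied twice. IRoleLookup, DbRoleClaimsTransformation and the "DbRoles" marker are hypothetical names; the lookup stands in for the remote database query.

```csharp
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;

// Hypothetical abstraction over the remote role database (an assumption, not from the post).
public interface IRoleLookup
{
    Task<IReadOnlyCollection<string>> GetRolesAsync(string windowsAccountName);
}

public sealed class DbRoleClaimsTransformation : IClaimsTransformation
{
    // Marks the identity this class adds, so repeated calls stay idempotent.
    private const string AddedIdentityType = "DbRoles";
    private readonly IRoleLookup _roles;

    public DbRoleClaimsTransformation(IRoleLookup roles) => _roles = roles;

    public async Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
    {
        // Never attach roles to an anonymous or unnamed principal.
        var name = principal.Identity?.Name;
        if (principal.Identity?.IsAuthenticated != true || string.IsNullOrEmpty(name))
            return principal;

        // The transformation can be invoked more than once for the same principal;
        // skip it when the extra identity is already present.
        if (principal.Identities.Any(i => i.AuthenticationType == AddedIdentityType))
            return principal;

        var roleNames = await _roles.GetRolesAsync(name);

        // A separate identity leaves the Windows identity untouched and declares
        // ClaimTypes.Role as its role claim type, which IsInRole consults.
        var extra = new ClaimsIdentity(
            roleNames.Select(r => new Claim(ClaimTypes.Role, r)),
            AddedIdentityType, ClaimTypes.Name, ClaimTypes.Role);
        principal.AddIdentity(extra);
        return principal;
    }
}

// Registration in ConfigureServices (the IRoleLookup implementation is yours to supply):
// services.AddScoped<IClaimsTransformation, DbRoleClaimsTransformation>();
```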

You can add a new role to your database (AspNetRoles), and then assign it to the user (AspNetUserRoles).

+1

Source: https://habr.com/ru/post/1271226/

