I am adding application-specific claims in my Web Application OnValidateIdentity to Identity Server's access token claims. I am grabbing the application-specific claims for the logged-in user by querying the database for every API call. Should I make the application-specific claims be injected into the token in Identity Server (to reduce the DB calls)?
Adding Application Specific claim after Web API Authentication (Identity Server)
327 Views Asked by Sabby62 At
An Identity Server token should only contain claims about the user. It should be OK to query the application-specific claims when the token is received. You can introduce a caching layer to reduce DB calls if that is a concern.
But if you have a really valid reason, these rules can be broken and application-specific claims added at Identity Server (e.g. settings shared by multiple apps).
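
The caching layer suggested in the answer could look like the sketch below, which is an added example and not code from the original answer or from IdentityServer. `AppClaimsCache`, the `loadFromDb` delegate and the use of a `sub` claim as the cache key are assumptions; it caches per subject with a short expiry and offers explicit invalidation so that a revoked permission does not stay in effect until the entry times out.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Caching;
using System.Security.Claims;

// Added example: caches application-specific claims per token subject so the
// database is queried once per TTL window instead of on every API call.
public sealed class AppClaimsCache
{
    private readonly MemoryCache _cache = new MemoryCache("app-claims");
    private readonly Func<string, IEnumerable<Claim>> _loadFromDb; // hypothetical DB lookup
    private readonly TimeSpan _ttl;

    public AppClaimsCache(Func<string, IEnumerable<Claim>> loadFromDb, TimeSpan ttl)
    {
        _loadFromDb = loadFromDb;
        _ttl = ttl; // keep short: this is the longest a stale permission can survive
    }

    // Call only after the access token has been validated by the middleware.
    public void Enrich(ClaimsIdentity identity)
    {
        // Assumption: the subject is exposed as a "sub" claim (no inbound claim-type mapping).
        var sub = identity.FindFirst("sub")?.Value;
        if (string.IsNullOrEmpty(sub))
            throw new InvalidOperationException("Validated token has no sub claim.");

        var key = "claims:" + sub;
        // Store plain type/value pairs rather than Claim objects bound to another identity.
        var cached = _cache.Get(key) as List<KeyValuePair<string, string>>;
        if (cached == null)
        {
            cached = _loadFromDb(sub)
                .Select(c => new KeyValuePair<string, string>(c.Type, c.Value))
                .ToList();
            _cache.Set(key, cached, DateTimeOffset.UtcNow.Add(_ttl));
        }

        foreach (var pair in cached)
            identity.AddClaim(new Claim(pair.Key, pair.Value));
    }

    // Call when a user's roles or permissions change, so the next request reloads them.
    public void Invalidate(string sub) => _cache.Remove("claims:" + sub);
}
```

In a multi-instance deployment the in-process `MemoryCache` is per server, so `Invalidate` has to reach every instance or the expiry has to be short enough to bound the revocation delay.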