Using WIF, IClaimsPrincipal only gets One Claim in RP Application even if Multiple Claims are issued by STS Application RRS feed

  • Question

  • User-2040143113 posted


    I am returning 2 Claims from the STS Application (Name & Role) but RP is only showing 1 claim (Name).

    FederationMetadata.xml is Issuing those two claims. What am I missing:

    My STS code looks like this:

    protected override IClaimsIdentity GetOutputClaimsIdentity( IClaimsPrincipal principal, RequestSecurityToken request, Scope scope )
            if ( null == principal )
                throw new ArgumentNullException( "principal" );

            ClaimsIdentity outputIdentity = new ClaimsIdentity();

            outputIdentity.Claims.Add( new Claim( System.IdentityModel.Claims.ClaimTypes.Name, principal.Identity.Name ) );
            outputIdentity.Claims.Add( new Claim( ClaimTypes.Role, "Manager" ) );

            return outputIdentity;

    And from RP I am consuming Claims on load like this:

    IClaimsPrincipal claimsPrincipal = Page.User as IClaimsPrincipal;
    IClaimsIdentity claimsIdentity = ( IClaimsIdentity )claimsPrincipal.Identity;

    But my IClaimsIdentity contains only 1 Claim.

    I need to consume all the claims that are returned from STS in my RP Application.


    Wednesday, May 28, 2014 6:41 AM


  • User1779161005 posted

    Yes, it would probably be in .config. I'd suggest looking at the SAML token on the wire and inspecting what claims are really in there -- it's just XML and you shoul[d be able to capture it in your browser F12 tools as the user is redirected back from the STS to the RP.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, May 28, 2014 8:36 AM
  • User1779161005 posted

    Not sure then -- something in your WIF code could be converting/stripping the claims. You will have to debug more.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, May 29, 2014 7:34 AM

All replies