AI OnAI Off

How are epi using Claims for NameIdentifer and Name for synched users in backoffice ui?

Andreas Litzell Ivarsson
Andreas Litzell Ivarsson
Vote:
 

Hi!

I´m trying to figure out how epi using the claims. 

In the upper right corner of administration interface epi is showing current logged in user

I´m using Auth0 to login to epi now, and my value for the claims below has an unique-id-value instead of the actual name of person. Then epi is printing this instead of actual name to interface.

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name 

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier

If I change name-claim above to user given name, this will shown correct in epi interface, but will give me the given name in the UserName column in dbo.tblSynchedUser which will not give a proper result if we have multiple users with the same name. If I change nameidentifier nothing is changing in epi or in the dbo.tblSynchedUser

How should I set the claims correct to have the Username column unique AND the given name in the administration interface?

#193601
Edited, Jun 01, 2018 9:21
Johan Björnfot
Johan Björnfot
Vote:
 

A user is default synchronized so the name is taken from ClaimsIdentity.Name (if you reflect that implemenation then you can see that it reads the claim with type http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name)

The other claims that is automatically synched (if they are present) are specified by EPiServer.Security.ClaimTypeOptions, which looks like:

/// <summary>
    /// Defines claim types that are synchronized to cms for a user.
    /// </summary>
    /// <remarks>
    /// By default is claim types defined in <see cref="ClaimTypes"/> used.
    /// </remarks>
    [Options]
    public class ClaimTypeOptions
    {
        /// <summary>
        /// The claim type for email
        /// </summary>
        /// <remarks>
        /// Default value is <see cref="ClaimTypes.Email"/>
        /// </remarks>
        public string Email { get; set; } = ClaimTypes.Email;

        /// <summary>
        /// The claim type for GivenName
        /// </summary>
        /// <remarks>
        /// Default value is <see cref="ClaimTypes.GivenName"/>
        /// </remarks>
        public string GivenName { get; set; } = ClaimTypes.GivenName;

        /// <summary>
        /// The claim type for Surname
        /// </summary>
        /// <remarks>
        /// Default value is <see cref="ClaimTypes.Surname"/>
        /// </remarks>
        public string Surname { get; set; } = ClaimTypes.Surname;
    }
#193613
Jun 01, 2018 10:45
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.