November Happy Hour will be moved to Thursday December 5th.

AI OnAI Off

How are epi using Claims for NameIdentifer and Name for synched users in backoffice ui?

Andreas Litzell Ivarsson
Andreas Litzell Ivarsson
Vote:
 

Hi!

I´m trying to figure out how epi using the claims. 

In the upper right corner of administration interface epi is showing current logged in user

I´m using Auth0 to login to epi now, and my value for the claims below has an unique-id-value instead of the actual name of person. Then epi is printing this instead of actual name to interface.

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name 

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier

If I change name-claim above to user given name, this will shown correct in epi interface, but will give me the given name in the UserName column in dbo.tblSynchedUser which will not give a proper result if we have multiple users with the same name. If I change nameidentifier nothing is changing in epi or in the dbo.tblSynchedUser

How should I set the claims correct to have the Username column unique AND the given name in the administration interface?

#193601
Edited, Jun 01, 2018 9:21
Johan Björnfot
Johan Björnfot
Vote:
 

A user is default synchronized so the name is taken from ClaimsIdentity.Name (if you reflect that implemenation then you can see that it reads the claim with type http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name)

The other claims that is automatically synched (if they are present) are specified by EPiServer.Security.ClaimTypeOptions, which looks like:

/// <summary>
    /// Defines claim types that are synchronized to cms for a user.
    /// </summary>
    /// <remarks>
    /// By default is claim types defined in <see cref="ClaimTypes"/> used.
    /// </remarks>
    [Options]
    public class ClaimTypeOptions
    {
        /// <summary>
        /// The claim type for email
        /// </summary>
        /// <remarks>
        /// Default value is <see cref="ClaimTypes.Email"/>
        /// </remarks>
        public string Email { get; set; } = ClaimTypes.Email;

        /// <summary>
        /// The claim type for GivenName
        /// </summary>
        /// <remarks>
        /// Default value is <see cref="ClaimTypes.GivenName"/>
        /// </remarks>
        public string GivenName { get; set; } = ClaimTypes.GivenName;

        /// <summary>
        /// The claim type for Surname
        /// </summary>
        /// <remarks>
        /// Default value is <see cref="ClaimTypes.Surname"/>
        /// </remarks>
        public string Surname { get; set; } = ClaimTypes.Surname;
    }
#193613
Jun 01, 2018 10:45
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.