brentschmaltz
commented
1 year ago @Tratcher the only way to do this today is for an industrious user to override IssuerValidator and return the issuer to use. This a bit too much work and could lead to issues with our AadIssuerValidator that cleverly figures out some AAD issues.
Seem pretty straightforward, i'll see what we can do.
kevinchalet
Is your feature request related to a problem? Please describe. https://github.com/dotnet/aspnetcore/issues/41589
Some customers are requesting to be able to customize the Claim Issuer field when generating an identity. They want this to match another field in their application (the Authentication Scheme name) for later reference. Today the field is always set to the token issuer. https://learn.microsoft.com/en-us/dotnet/api/system.security.claims.claim.issuer?view=net-7.0#system-security-claims-claim-issuer https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.builder.authenticationoptions.claimsissuer?view=aspnetcore-1.1&viewFallbackFrom=aspnetcore-7.0
Describe the solution you'd like TokenValidationParamaters would need a new API to enable setting the Claim Issuer field: public string? ClaimsIssuer { get; set; }
If not set, the default would be the same as today, the token issuer.
Describe alternatives you've considered Modifying the claims after the fact is difficult because claims are read-only objects.