ASP.NET SDK
The Identity Hub has a SDK for ASP.NET and ASP.NET MVC web sites.
For more information on how to configure an ASP.NET and ASP.NET MVC web project see
- Connect an ASP.NET and ASP.NET MVC web site using OAuth 2.0
- Connect an ASP.NET and ASP.NET MVC web site using WS Federation
Configuration
Configuration parameters when connecting using OAuth 2.0
You can download an example configuration for you application. See Connect an ASP.NET and ASP.NET MVC web site using OAuth 2.0 for more information.
| Parameter | Default | Description |
|---|---|---|
| TIH_baseUrl | The URL of The Identity Hub including the Tenant. https://www.theidentityhub.com/{tenant} | |
| TIH_clientId | The client_id to use in the OAuth 2.0 flows. See Connect an ASP.NET and ASP.NET MVC web site using OAuth 2.0 | |
| TIH_clientSecret | The client_secret to use in the OAuth 2.0 flows. See Connect an ASP.NET and ASP.NET MVC web site using OAuth 2.0 | |
| TIH_redirectUri | The base URL of the web application. This is the redirect_uri to use in the OAuth 2.0 flows. See Connect an ASP.NET and ASP.NET MVC web site using OAuth 2.0 | |
| TIH_useIdentification | false |
When true the user is identified upon returning to the site (not authenticated) if the user was authenticated on a previous visit, without the need to authenticate. |
| TIH_identificationExpires | 480 | The number of minutes the identification of a user is valid before the user must reauthenticate. |
| TIH_scopes | Extra scopes to request when authenticating users. | |
| TIH_unauthorizedAction | redirect | Use redirect when securing web applications. Use www-authenticate when securing services. |
| TIH_useOpenIdConnect | false |
When true used OpenID Connect to authenticate the user. |
| TIH_useSession | false |
When true, if the browser is closed and reopened the user will no longer be signed in. |
Parameters can also be set without the TIH_ prefix.
Configuration parameters when connecting using WS-Federation
To get an example web.config file with all parameters configured for an application see Connect an ASP.NET and ASP.NET MVC web site using WS Federation.
When using the ASP.NET SDK to get more information of the authenticated user (that is not available as claims when using WS-Federation to connect the application with The Identity Hub), the following configuration parameters also apply.
| Parameter | Default | Description |
|---|---|---|
| TIH_baseUrl | The URL of The Identity Hub including the Tenant. https://www.theidentityhub.com/{tenant} | |
| TIH_clientId | The client_id to use in the OAuth 2.0 flows. | |
| TIH_clientSecret | The client_secret to use in the OAuth 2.0 flows. | |
| TIH_redirectUri | The base URL of the web application. This is the redirect_uri to use in the OAuth 2.0 flows. |
Get information on the authenticated user
The ASP.NET SDK has a number of extension methods to get user information. For a complete list see ASP.NET SDK API
Roles
The SDK support the standard .NET IPrincipal.IsInRole(String) Method and thus all standard .NET role base authorization.
Calling The Identity Hub REST API to get more information
Initializing a TheIdentityHub.IdentityService instance
A. Initialize the TheIdentityHub.IdentityService without parameters
using TheIdentityHub;
var identityService = new IdentityService();
The constructor will use the configuration as set in the web.config file and try to get the Access Token from the access token claim on the current principal. If no such claim is found, an error will be thrown.
B. Initialize the TheIdentityHub.IdentityService with parameters
var clientId = "4a-aez54e6a4z65ed$";
// Your base URL
var baseUrl = new Uri("https://www.theidentityhub.com/ {tenant}");
// Access Token
var accessToken = "546465qzer-Lm";
// Initialize
var identityService = new IdentityService(clientId, baseUrl, accessToken);
For a complete list of constructor overloads see ASP.NET SDK API
Using TheIdentityHub.IdentityService
- Get profile information.
var profile = await identityService.GetProfileAsync();
- Update profile information.
await identityService.UpdateProfileAsync(profile);