2

For example, client send requests for an access token with the additional field location: USA. Where can I store that field, which would then passes back to my server from a client? I mean, that field must present in all requests, but certain values can differs.

Example request:

POST /connect/token

formData: { client_id: 'some_id', client_secret: 'some_secret', grant_type: 'client_credentials', scope: 'some_scope', location: 'USA' }

Response:

{ "access_token": "", "expires_in": 43200, "token_type": "Bearer" }

Payload of decoded token

{ "nbf": 1517821102, "exp": 1517864302, "iss": "", "aud": [], "client_id": "some_id", "scope": [ "some_scope" ], "location": 'USA' }

I am using IdentityServer 4 on ASP.NET Core

Improve this question
6
  • What do you mean by 'certain values can differ'? Commented Feb 5, 2018 at 16:48
  • @RuardvanElburg I mean that location can be not only USA, but e.g. other countries. Commented Feb 5, 2018 at 19:42
  • If the location is fixed per client then you can add this as claim in the ClientClaims table. Commented Feb 5, 2018 at 21:24
  • @RuardvanElburg that's the problem, location isn't fixed, client can choose any location from the list presented. Commented Feb 6, 2018 at 9:09
  • How can the client choose as this is an automated process? And why would it change? If some user interaction is involved you may not be using the right flow. In any case it seems that this information shouldn't be part of the token but should rather be send as parameter on each query. Values that can change frequently shouldn't be stored in the token. Commented Feb 6, 2018 at 9:30

1 Answer 1

Reset to default
1

You should be able to implement a custom IProfileService and set the IssuedClaims property of the ProfileDataRequestContext. This should enable you to send custom claims within the access token. See the documentation for more info.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks, I'll try it!

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.