SessionSecurityTokenHandler.ValidateToken SessionSecurityTokenHandler.ValidateToken SessionSecurityTokenHandler.ValidateToken SessionSecurityTokenHandler.ValidateToken Method

Definition

Validates a token and returns its claims.

Overloads

ValidateToken(SecurityToken) ValidateToken(SecurityToken) ValidateToken(SecurityToken) ValidateToken(SecurityToken)

Validates the specified token and returns its claims.

ValidateToken(SessionSecurityToken, String) ValidateToken(SessionSecurityToken, String) ValidateToken(SessionSecurityToken, String) ValidateToken(SessionSecurityToken, String)

Validates the specified session token and returns its claims.

ValidateToken(SecurityToken) ValidateToken(SecurityToken) ValidateToken(SecurityToken) ValidateToken(SecurityToken)

Validates the specified token and returns its claims.

public:
 override System::Collections::ObjectModel::ReadOnlyCollection<System::Security::Claims::ClaimsIdentity ^> ^ ValidateToken(System::IdentityModel::Tokens::SecurityToken ^ token);
public override System.Collections.ObjectModel.ReadOnlyCollection<System.Security.Claims.ClaimsIdentity> ValidateToken (System.IdentityModel.Tokens.SecurityToken token);
override this.ValidateToken : System.IdentityModel.Tokens.SecurityToken -> System.Collections.ObjectModel.ReadOnlyCollection<System.Security.Claims.ClaimsIdentity>
Public Overrides Function ValidateToken (token As SecurityToken) As ReadOnlyCollection(Of ClaimsIdentity)

Parameters

token
SecurityToken SecurityToken SecurityToken SecurityToken

The token to be validated. Must be assignable from SessionSecurityToken.

Returns

The identities that are contained in the token.

Exceptions

Remarks

Invokes the ValidateSession method to validate the token.

See also

ValidateToken(SessionSecurityToken, String) ValidateToken(SessionSecurityToken, String) ValidateToken(SessionSecurityToken, String) ValidateToken(SessionSecurityToken, String)

Validates the specified session token and returns its claims.

public:
 virtual System::Collections::ObjectModel::ReadOnlyCollection<System::Security::Claims::ClaimsIdentity ^> ^ ValidateToken(System::IdentityModel::Tokens::SessionSecurityToken ^ token, System::String ^ endpointId);
public virtual System.Collections.ObjectModel.ReadOnlyCollection<System.Security.Claims.ClaimsIdentity> ValidateToken (System.IdentityModel.Tokens.SessionSecurityToken token, string endpointId);
override this.ValidateToken : System.IdentityModel.Tokens.SessionSecurityToken * string -> System.Collections.ObjectModel.ReadOnlyCollection<System.Security.Claims.ClaimsIdentity>
Public Overridable Function ValidateToken (token As SessionSecurityToken, endpointId As String) As ReadOnlyCollection(Of ClaimsIdentity)

Parameters

endpointId
String String String String

The identifier of the endpoint to which the token is scoped.

Returns

The identities that are contained in the token.

Exceptions

The EndpointId property of the specified token is not null or empty and its value is different than that specified by the endpointId parameter.

Remarks

Performs a check to make sure that the specified token is scoped for the specified endpoint ID and, if so, invokes the SessionSecurityTokenHandler.ValidateToken(SecurityToken) method; otherwise, throws a SecurityTokenException.

Important

Session tokens that have an EndpointId property that is null or empty are considered to be globally scoped. This presents a potential security risk. For this reason you should make sure that the EndpointId property is set in your session tokens.

See also

Applies to