Represents a claims-based identity.
public ref class ClaimsIdentity : System::Security::Principal::IIdentity
[System.Runtime.InteropServices.ComVisible(true)] [Serializable] public class ClaimsIdentity : System.Security.Principal.IIdentity
type ClaimsIdentity = class interface IIdentity
Public Class ClaimsIdentity Implements IIdentity
The ClaimsIdentity class is a concrete implementation of a claims-based identity; that is, an identity described by a collection of claims. A claim is a statement about an entity made by an issuer that describes a property, right, or some other quality of that entity. Such an entity is said to be the subject of the claim. A claim is represented by the Claim class. The claims contained in a ClaimsIdentity describe the entity that the corresponding identity represents, and can be used to make authorization and authentication decisions. A claims-based access model has many advantages over more traditional access models that rely exclusively on roles. For example, claims can provide much richer information about the identity they represent and can be evaluated for authorization or authentication in a far more specific manner.
Beginning with .NET Framework 4.5, Windows Identity Foundation (WIF) and claims-based identity have been fully integrated into the .NET Framework. This means that many classes that represent an identity in the .NET Framework now derive from ClaimsIdentity and describe their properties through a collection of claims. This is different from previous versions of the .NET Framework, in which, these classes implemented the IIdentity interface directly. The collection of claims that describe the identity can be accessed through the Claims property. The ClaimsIdentity class provides several methods for finding and modifying claims and fully supports language integrated queries (LINQ). In application code, ClaimsIdentity objects are typically accessed through ClaimsPrincipal objects; for example, the principal returned by Thread.CurrentPrincipal.
The ClaimsPrincipal class has a Claims property as well. In the majority of cases you should access the user’s claims through the ClaimsPrincipal.Claims collection rather than through the Claims collection. You will need to access the claims of an individual ClaimsIdentity only in the cases where the principal contains more than one ClaimsIdentity and you need to evaluate or modify a specific identity.
To add or remove claims from the Claims collection, a caller must have full trust.
In the claims-based model, the IIdentity.Name property and the IPrincipal.IsInRole(String) method are implemented by evaluating the claims contained by an identity. The base implementations in the claims-based model are provided by the ClaimsIdentity.Name property and the ClaimsPrincipal.IsInRole method. The NameClaimType and RoleClaimType properties enable you to specify a claim type that should be used to evaluate the claims contained by the identity when performing these operations.
|DefaultIssuer DefaultIssuer DefaultIssuer DefaultIssuer||
The default issuer; "LOCAL AUTHORITY".
|DefaultNameClaimType DefaultNameClaimType DefaultNameClaimType DefaultNameClaimType||
The default name claim type; Name.
|DefaultRoleClaimType DefaultRoleClaimType DefaultRoleClaimType DefaultRoleClaimType||
The default role claim type; Role.
|Actor Actor Actor Actor||
Gets or sets the identity of the calling party that was granted delegation rights.
|AuthenticationType AuthenticationType AuthenticationType AuthenticationType||
Gets the authentication type.
|BootstrapContext BootstrapContext BootstrapContext BootstrapContext||
Gets or sets the token that was used to create this claims identity.
|Claims Claims Claims Claims||
Gets the claims associated with this claims identity.
|CustomSerializationData CustomSerializationData CustomSerializationData CustomSerializationData||
Contains any additional data provided by a derived type. Typically set when calling WriteTo(BinaryWriter, Byte).
|IsAuthenticated IsAuthenticated IsAuthenticated IsAuthenticated||
Gets a value that indicates whether the identity has been authenticated.
|Label Label Label Label||
Gets or sets the label for this claims identity.
|Name Name Name Name||
Gets the name of this claims identity.
|NameClaimType NameClaimType NameClaimType NameClaimType||
Gets the claim type that is used to determine which claims provide the value for the Name property of this claims identity.
|RoleClaimType RoleClaimType RoleClaimType RoleClaimType||
Gets the claim type that will be interpreted as a .NET Framework role among the claims in this claims identity.