ClaimsIdentity ClaimsIdentity ClaimsIdentity ClaimsIdentity Class

Definition

Represents a claims-based identity.

public ref class ClaimsIdentity : System::Security::Principal::IIdentity
[System.Runtime.InteropServices.ComVisible(true)]
[Serializable]
public class ClaimsIdentity : System.Security.Principal.IIdentity
type ClaimsIdentity = class
    interface IIdentity
Public Class ClaimsIdentity
Implements IIdentity
Inheritance
ClaimsIdentityClaimsIdentityClaimsIdentityClaimsIdentity
Attributes
ComVisibleAttribute SerializableAttribute
Implements

Remarks

The ClaimsIdentity class is a concrete implementation of a claims-based identity; that is, an identity described by a collection of claims. A claim is a statement about an entity made by an issuer that describes a property, right, or some other quality of that entity. Such an entity is said to be the subject of the claim. A claim is represented by the Claim class. The claims contained in a ClaimsIdentity describe the entity that the corresponding identity represents, and can be used to make authorization and authentication decisions. A claims-based access model has many advantages over more traditional access models that rely exclusively on roles. For example, claims can provide much richer information about the identity they represent and can be evaluated for authorization or authentication in a far more specific manner.

Beginning with .NET Framework 4.5, Windows Identity Foundation (WIF) and claims-based identity have been fully integrated into the .NET Framework. This means that many classes that represent an identity in the .NET Framework now derive from ClaimsIdentity and describe their properties through a collection of claims. This is different from previous versions of the .NET Framework, in which, these classes implemented the IIdentity interface directly. The collection of claims that describe the identity can be accessed through the Claims property. The ClaimsIdentity class provides several methods for finding and modifying claims and fully supports language integrated queries (LINQ). In application code, ClaimsIdentity objects are typically accessed through ClaimsPrincipal objects; for example, the principal returned by Thread.CurrentPrincipal.

Note

The ClaimsPrincipal class has a Claims property as well. In the majority of cases you should access the user’s claims through the ClaimsPrincipal.Claims collection rather than through the Claims collection. You will need to access the claims of an individual ClaimsIdentity only in the cases where the principal contains more than one ClaimsIdentity and you need to evaluate or modify a specific identity.

Important

To add or remove claims from the Claims collection, a caller must have full trust.

In the claims-based model, the IIdentity.Name property and the IPrincipal.IsInRole(String) method are implemented by evaluating the claims contained by an identity. The base implementations in the claims-based model are provided by the ClaimsIdentity.Name property and the ClaimsPrincipal.IsInRole method. The NameClaimType and RoleClaimType properties enable you to specify a claim type that should be used to evaluate the claims contained by the identity when performing these operations.

Delegation scenarios are supported through the Actor and BootstrapContext properties.

Constructors

ClaimsIdentity() ClaimsIdentity() ClaimsIdentity() ClaimsIdentity()

Initializes a new instance of the ClaimsIdentity class with an empty claims collection.

ClaimsIdentity(BinaryReader) ClaimsIdentity(BinaryReader) ClaimsIdentity(BinaryReader) ClaimsIdentity(BinaryReader)

Initializes an instance of ClaimsIdentity with the specified BinaryReader.

ClaimsIdentity(ClaimsIdentity) ClaimsIdentity(ClaimsIdentity) ClaimsIdentity(ClaimsIdentity) ClaimsIdentity(ClaimsIdentity)

Initializes a new instance of the ClaimsIdentity class from an existing ClaimsIdentity instance.

ClaimsIdentity(IEnumerable<Claim>) ClaimsIdentity(IEnumerable<Claim>) ClaimsIdentity(IEnumerable<Claim>) ClaimsIdentity(IEnumerable<Claim>)

Initializes a new instance of the ClaimsIdentity class using an enumerated collection of Claim objects.

ClaimsIdentity(IEnumerable<Claim>, String) ClaimsIdentity(IEnumerable<Claim>, String) ClaimsIdentity(IEnumerable<Claim>, String) ClaimsIdentity(IEnumerable<Claim>, String)

Initializes a new instance of the ClaimsIdentity class with the specified claims and authentication type.

ClaimsIdentity(IEnumerable<Claim>, String, String, String) ClaimsIdentity(IEnumerable<Claim>, String, String, String) ClaimsIdentity(IEnumerable<Claim>, String, String, String) ClaimsIdentity(IEnumerable<Claim>, String, String, String)

Initializes a new instance of the ClaimsIdentity class with the specified claims, authentication type, name claim type, and role claim type.

ClaimsIdentity(IIdentity) ClaimsIdentity(IIdentity) ClaimsIdentity(IIdentity) ClaimsIdentity(IIdentity)

Initializes a new instance of the ClaimsIdentity class using the name and authentication type from the specified IIdentity.

ClaimsIdentity(IIdentity, IEnumerable<Claim>) ClaimsIdentity(IIdentity, IEnumerable<Claim>) ClaimsIdentity(IIdentity, IEnumerable<Claim>) ClaimsIdentity(IIdentity, IEnumerable<Claim>)

Initializes a new instance of the ClaimsIdentity class using the specified claims and the specified IIdentity.

ClaimsIdentity(IIdentity, IEnumerable<Claim>, String, String, String) ClaimsIdentity(IIdentity, IEnumerable<Claim>, String, String, String) ClaimsIdentity(IIdentity, IEnumerable<Claim>, String, String, String) ClaimsIdentity(IIdentity, IEnumerable<Claim>, String, String, String)

Initializes a new instance of the ClaimsIdentity class from the specified IIdentity using the specified claims, authentication type, name claim type, and role claim type.

ClaimsIdentity(SerializationInfo) ClaimsIdentity(SerializationInfo) ClaimsIdentity(SerializationInfo) ClaimsIdentity(SerializationInfo)

Initializes a new instance of the ClaimsIdentity class from a serialized stream created by using ISerializable.

ClaimsIdentity(SerializationInfo, StreamingContext) ClaimsIdentity(SerializationInfo, StreamingContext) ClaimsIdentity(SerializationInfo, StreamingContext) ClaimsIdentity(SerializationInfo, StreamingContext)

Initializes a new instance of the ClaimsIdentity class from a serialized stream created by using ISerializable.

ClaimsIdentity(String) ClaimsIdentity(String) ClaimsIdentity(String) ClaimsIdentity(String)

Initializes a new instance of the ClaimsIdentity class with an empty claims collection and the specified authentication type.

ClaimsIdentity(String, String, String) ClaimsIdentity(String, String, String) ClaimsIdentity(String, String, String) ClaimsIdentity(String, String, String)

Initializes a new instance of the ClaimsIdentity class with the specified authentication type, name claim type, and role claim type.

Fields

DefaultIssuer DefaultIssuer DefaultIssuer DefaultIssuer

The default issuer; "LOCAL AUTHORITY".

DefaultNameClaimType DefaultNameClaimType DefaultNameClaimType DefaultNameClaimType

The default name claim type; Name.

DefaultRoleClaimType DefaultRoleClaimType DefaultRoleClaimType DefaultRoleClaimType

The default role claim type; Role.

Properties

Actor Actor Actor Actor

Gets or sets the identity of the calling party that was granted delegation rights.

AuthenticationType AuthenticationType AuthenticationType AuthenticationType

Gets the authentication type.

BootstrapContext BootstrapContext BootstrapContext BootstrapContext

Gets or sets the token that was used to create this claims identity.

Claims Claims Claims Claims

Gets the claims associated with this claims identity.

CustomSerializationData CustomSerializationData CustomSerializationData CustomSerializationData

Contains any additional data provided by a derived type. Typically set when calling WriteTo(BinaryWriter, Byte[]).

IsAuthenticated IsAuthenticated IsAuthenticated IsAuthenticated

Gets a value that indicates whether the identity has been authenticated.

Label Label Label Label

Gets or sets the label for this claims identity.

Name Name Name Name

Gets the name of this claims identity.

NameClaimType NameClaimType NameClaimType NameClaimType

Gets the claim type that is used to determine which claims provide the value for the Name property of this claims identity.

RoleClaimType RoleClaimType RoleClaimType RoleClaimType

Gets the claim type that will be interpreted as a .NET Framework role among the claims in this claims identity.

Methods

AddClaim(Claim) AddClaim(Claim) AddClaim(Claim) AddClaim(Claim)

Adds a single claim to this claims identity.

AddClaims(IEnumerable<Claim>) AddClaims(IEnumerable<Claim>) AddClaims(IEnumerable<Claim>) AddClaims(IEnumerable<Claim>)

Adds a list of claims to this claims identity.

Clone() Clone() Clone() Clone()

Returns a new ClaimsIdentity copied from this claims identity.

CreateClaim(BinaryReader) CreateClaim(BinaryReader) CreateClaim(BinaryReader) CreateClaim(BinaryReader)

Provides an extensibility point for derived types to create a custom Claim.

Equals(Object) Equals(Object) Equals(Object) Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)
FindAll(Predicate<Claim>) FindAll(Predicate<Claim>) FindAll(Predicate<Claim>) FindAll(Predicate<Claim>)

Retrieves all of the claims that are matched by the specified predicate.

FindAll(String) FindAll(String) FindAll(String) FindAll(String)

Retrieves all of the claims that have the specified claim type.

FindFirst(Predicate<Claim>) FindFirst(Predicate<Claim>) FindFirst(Predicate<Claim>) FindFirst(Predicate<Claim>)

Retrieves the first claim that is matched by the specified predicate.

FindFirst(String) FindFirst(String) FindFirst(String) FindFirst(String)

Retrieves the first claim with the specified claim type.

GetHashCode() GetHashCode() GetHashCode() GetHashCode()

Serves as the default hash function.

(Inherited from Object)
GetObjectData(SerializationInfo, StreamingContext) GetObjectData(SerializationInfo, StreamingContext) GetObjectData(SerializationInfo, StreamingContext) GetObjectData(SerializationInfo, StreamingContext)

Populates the SerializationInfo with data needed to serialize the current ClaimsIdentity object.

GetType() GetType() GetType() GetType()

Gets the Type of the current instance.

(Inherited from Object)
HasClaim(Predicate<Claim>) HasClaim(Predicate<Claim>) HasClaim(Predicate<Claim>) HasClaim(Predicate<Claim>)

Determines whether this claims identity has a claim that is matched by the specified predicate.

HasClaim(String, String) HasClaim(String, String) HasClaim(String, String) HasClaim(String, String)

Determines whether this claims identity has a claim with the specified claim type and value.

MemberwiseClone() MemberwiseClone() MemberwiseClone() MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)
RemoveClaim(Claim) RemoveClaim(Claim) RemoveClaim(Claim) RemoveClaim(Claim)

Attempts to remove a claim from the claims identity.

ToString() ToString() ToString() ToString()

Returns a string that represents the current object.

(Inherited from Object)
TryRemoveClaim(Claim) TryRemoveClaim(Claim) TryRemoveClaim(Claim) TryRemoveClaim(Claim)

Attempts to remove a claim from the claims identity.

WriteTo(BinaryWriter) WriteTo(BinaryWriter) WriteTo(BinaryWriter) WriteTo(BinaryWriter)

Serializes using a BinaryWriter.

WriteTo(BinaryWriter, Byte[]) WriteTo(BinaryWriter, Byte[]) WriteTo(BinaryWriter, Byte[]) WriteTo(BinaryWriter, Byte[])

Serializes using a BinaryWriter.

Applies to

See Also