ClaimsAuthenticationManager Class

[Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework. The version of WIF addressed by this topic, WIF 3.5, is deprecated and should only be used when developing against the .NET Framework 3.5 SP1 or the .NET Framework 4. For more information about WIF in the .NET Framework 4.5, also known as WIF 4.5, see the Windows Identity Foundation documentation in the .NET Framework 4.5 Development Guide.]

Defines the base implementation for a claims authentication manager.

Namespace: Microsoft.IdentityModel.Claims
Assembly: Microsoft.IdentityModel (in Microsoft.IdentityModel.dll)


Dim instance As ClaimsAuthenticationManager


Public Class ClaimsAuthenticationManager
public class ClaimsAuthenticationManager
public ref class ClaimsAuthenticationManager
public class ClaimsAuthenticationManager
public class ClaimsAuthenticationManager


The claims authentication manager provides an extensibility point in the RP processing pipeline that you can use to filter, modify, or inject new claims into the set of claims presented by an IClaimsPrincipal before the RP application is called. You can even return a custom implementation of IClaimsPrincipal if your RP application requires it. The default implementation provided by the ClaimsAuthenticationManager class returns the claims in the IClaimsPrincipal unmodified; however, you can derive from this class and override the Authenticate method to modify the claims presented by the claims principal (or to return a custom IClaimsPrincipal).

You can configure your application to use a claims authentication manager either programmatically by using the ServiceConfiguration class or in configuration with the <claimsAuthenticationManager> element (which is a subelement of the <applicationService> element). Configuring your application to use a claims authentication manager ensures that it will be invoked by Windows® Identity Foundation (WIF) from the request pipeline.

For more information, see ClaimsAuthenticationManager, ClaimsAuthorizationManager, and OriginalIssuer. The Using Claims in IsInRole SDK sample in the <Installation Directory>\Windows Identity Foundation SDK\<Version>\Samples\Extensibility directory provides an implementation of a custom claims authentication manager.

Inheritance Hierarchy


Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.


Target Platforms

Windows 7, Windows Server 2008 R2, Windows Vista SP2, Windows Server 2008 SP2, Windows Server 2003 SP2 (32-bit or 64-bit)

See Also


ClaimsAuthenticationManager Members
Microsoft.IdentityModel.Claims Namespace

Other Resources

Building Relying Party Applications
ClaimsAuthenticationManager, ClaimsAuthorizationManager, and OriginalIssuer
WCF Application Compatibility
Frequently Asked Questions
WS-Federated Authentication Module Overview

Copyright © 2008 by Microsoft Corporation. All rights reserved.