Claims Based Authentication

Jon G asked on July 18, 2016 16:18

My team have built a Kentico V9 website which used the Claims Based Authentication.

We have successfully integrated the Kentico Website to the ADFS provider.

There is a requirement to take more information from the token information returned by ADFS and populate the Kentico User profile with it.

I know Kentico takes the Username and Email from the token, but I was wondering if it was possible to write custom code to be able to get more information from the token.

Is the token accessible in this custom event for example https://docs.kentico.com/display/K9/Handling+custom+claims-based+authentication

authentication claims

Recent Answers

Michal Samuhel answered on July 18, 2016 17:11

Hi Jon,

This is based on a reply within support ticket. Unfortunately this is not directly possible with our authentication. By default only the values the whole provider provides only only username and password and gets roles based on that so you would need to modify source code as the code looks like:

// Validate the user against AD if (membershipProvider.ValidateUser(username, password)) { // Get the roles if the roles are to be imported string[] roles = null; if (!FederationAuthentication && ImportWindowsRoles) { roles = GetUserADRoles(username, roleProvider); }

You can try using custom security handler to get other user data from AD and push it into the system:

https://docs.kentico.com/display/K9/Handling+custom+external+authentication

Or what I had seen more times with other customers is to configure ADImortToolkit to import users and data first time and then to call it on regular bases to Keep AD and Kentico users in synch.

0 votesVote for this answer Mark as a Correct answer