[EDIT by guardrex to add topic metadata]

Content

Steps for customizing the user bound to the application.

• Create a class YourAccount that extends the Account class.

  public class YourAccount : Account
  {
      [JsonPropertyName("amr")]
      public string[] AuthenticationMethod { get; set; }
  }

• Create a class YourUserFactory that extends AccountClaimsPrincipalFactory<YourAccount>

  public class YourAccountFactory : AccountClaimsPrincipalFactory<OidcAccount>
  {
      public AccountClaimsPrincipalFactory(NavigationManager navigationManager, IAccessTokenProviderAccessor accessor)
          : base(accessor)
      {
      }
  
      public async override ValueTask<ClaimsPrincipal> CreateUserAsync(
          OidcAccount account,
          RemoteAuthenticationUserOptions options)
      {
          var initialUser = await base.CreateUserAsync(account, options);
  
          if (initialUser.Identity.IsAuthenticated)
          {
              foreach (var value in account.AuthenticationMethod)
              {
                  ((ClaimsIdentity)initialUser.Identity).AddClaim(new Claim("amr", value));
              }
         }
     }
  }

• Call

  services.AddApiAuthorization<RemoteAuthenticationState, YourAccount>()
      .AddUserFactory<RemoteAuthenticationState, YourAccount, YourUserFactory>();

Document details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: f34f7534-347a-5752-3127-fd774abea530
• Version Independent ID: af2c6c8a-d398-0202-4c28-cd5e15ce5219
• Content: Secure ASP.NET Core Blazor WebAssembly
• Content Source: aspnetcore/security/blazor/webassembly/index.md
• Product: aspnet-core
• Technology: aspnetcore-security
• GitHub Login: @guardrex
• Microsoft Alias: riande