Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

JwtSecurityTokenHandler missing claim mapping for "name"

See original GitHub issue

The name claim is a registered JWT claim for the user’s full name (https://www.iana.org/assignments/jwt/jwt.xhtml) However, it isn’t included in the default mappings, unlike given_name and family_name. It should probably be mapped to ClaimTypes.Name. Is there a reason for this, or is this just an oversight?

Workaround: execute this when the app starts:

JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Add("name", ClaimTypes.Name);

Issue Analytics

State:
Created 3 years ago
Reactions:1
Comments:5 (3 by maintainers)

Top GitHub Comments

2reactions

AlexandreArpincommented, Mar 22, 2021

👋

Just upgraded from 6.8 to 6.9 (AspNet Core 3.1) and experienced a breaking change.

I’m not super well versed in all things OpenId/Authentication/etc, but one of the side effect of this change was that now for some reason the “name” claim was now being mapped as http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name instead of name when using OpenId OnTokenReceived (We use OpenIdConnect, ADAL, Azure AD V1 Application and Work Account login).

We updated our mapping/claims logic to work on both versions, but we were rather lucky to have caught it (it’s an Api surface that’s rather difficult to unit test).

0reactions

udlosecommented, Apr 15, 2021

@AlexandreArpin we will have to roll this back, in the meantime, there is a workaround.

@brentschmaltz so is this going to be changed again in the future or do you mean, we shouldn’t have done that and it will remain as it was in v6.8.0 before #1545 ?