5

I have a webforms site that has O365 authentication, i added the authentication by using visual studios inbuilt options when building the project.

VS Authentication

This works perfectly, but what i would like to do, it get the email address of the user logged in, and the display a different set of links or a different page depending on who is logged in.

How would i go about doing that?

James Morrish
  • 455
  • 6
  • 24
  • I would set a breakpoint in a controller, call that controller method, and then inspect the ClaimsPrincipal.Current.Claims object. There should be a set of security claims there, and one of them should contain the users email address (the "upn" claim if I remember correctly). – andrew.burk Mar 05 '18 at 17:25
  • Did you try this: https://code.msdn.microsoft.com/office/How-to-login-on-office-365-4d619710 – Maciej Pulikowski Mar 27 '18 at 08:27

1 Answers1

0

If the underlying ADFS is not passing the email claim you wont be able to see the details of the email. First thing, if you are able to log in, I would suggest to print out the claims that's you are getting. See following link for one implementation of reading all claims:

Access Claim values in controller in MVC 5

If the Email claim is not there, then you need to ask your ADFS administrator to pass the email claim. Here is a reference link on how to pass email claim: https://learn.microsoft.com/en-us/azure/architecture/multitenant-identity/adfs

If Email claim is present, then is the claim type Email (http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress). If it is, then you should be able to use ClaimTypes.Email property. But if it not then, it is easiest to ask ADFS admin to transform the claimtype to email address claim type. The harder way to do it by having ClaimTransformationManager (https://learn.microsoft.com/en-us/dotnet/framework/security/how-to-transform-incoming-claims).

I hope you find this helpful.

Cheers, Umang

Umang
  • 815
  • 5
  • 17