Utility classes - mattchenderson/microsoft-identity-web GitHub Wiki

Microsoft Identity Web contains additional classes that you might find useful.

ClaimsPrincipalExtensions

In web apps that sign in users, ASP.NET Core transforms the claims in the ID token to a ClaimsPrincipal instance, held by the HttpContext.User property. In the same way, in protected web APIs, the claims from the JWT bearer token used to call the API are available in HttpContext.User.

The library provides extension methods to retrieve some of the relevant information about the user in the ClaimsPrincipalExtensions class.

If you want to implement your own token cache serialization, you might want to use this class, for instance to get the key of the token cache to serialize (typically GetMsalAccountId()).

ClaimsPrincipalFactory

In the other direction, ClaimsPrincipalFactory instantiates a ClaimsPrincipal from an account object ID and tenant ID. These methods can be useful when the web app or the web API subscribes to another service on behalf of the user, and then is called back by a notification where the users are identified by only their tenant ID and object ID. This is the case, for instance, for Microsoft Graph Web Hooks notifications.

AccountExtensions

Finally, you can create a ClaimsPrincipal from an instance of MSAL.NET IAccount, using the ToClaimsPrincipal method in AccountExtensions.