Open Closed

How to add additional claim into id_token? #6219

User avatar
0
nhontran created
  • ABP Framework version: v5.2.2
  • UI Type: Angular
  • Database System: EF Core (SQL Server)
  • Auth Server Separated (for Angular): yes

Hi, we are using Identity Server 4 and have a custom claim called 'institution_id,' which we have included in the access token by adding it to the ApiResourcesClaims.

However, this claim does not appear in the id_token, and we need it to be included. Any customization needed to achieve this?

Your help would be greatly appreciated.

Go to accepted answer
6 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Please share your identity server config. eg Client, API Scope ,Identity Resource

    Thanks.

  • User Avatar
    0
    nhontran created

    Client:

    Api Resources:

    Api scopes:

    Identity Resources:

    Please let me know if you require any further info.

    Thanks

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Please share the code of seeding the identity server's configuration.

  • User Avatar
    0
    nhontran created

    Hi @maliming,

    I have shared you the source code via email.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can add a new Identity Resouce named institution_id.

    Add the institution_id to the request's scopes. options.Scope.Add("institution_id");

    [UnitOfWork]
public virtual async Task SeedAsync(DataSeedContext context)
{
    using (_currentTenant.Change(context?.TenantId))
    {
        await _identityResourceDataSeeder.CreateStandardResourcesAsync();

        if (!await _identityResourceRepository.CheckNameExistAsync(SHDPClaimTypes.InstitutionId))
        {
            var institutionIdIdentityResource = new IdentityResource(_guidGenerator.Create(), SHDPClaimTypes.InstitutionId);
            institutionIdIdentityResource.AddUserClaim(SHDPClaimTypes.InstitutionId);
            await _identityResourceRepository.InsertAsync(institutionIdIdentityResource);
            if (await _claimTypeRepository.AnyAsync(SHDPClaimTypes.InstitutionId))
            {
                await _claimTypeRepository.InsertAsync(
                    new IdentityClaimType(
                        _guidGenerator.Create(),
                        SHDPClaimTypes.InstitutionId,
                        isStatic: true
                    )
                );
            }
        }

        await CreateClaimTypesAsync();
        await CreateApiResourcesAsync();
        await CreateClientsAsync();
    }
}

    var commonScopes = new[]
{
    "email",
    "openid",
    "profile",
    "role",
    "phone",
    "address",
    "DigitalPlatform",
    "institution_id"
};
  • User Avatar
    0
    nhontran created

    Hi @maliming, following your steps, I managed to add the custom claim into id token.

    Thanks a lot for your help.

Assignee
User avatar maliming
Labels
None yet
Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v10.0.0-preview. Updated on July 11, 2025, 11:35