This applies to ASP.Net MVC 4 and .Net 4.5
When converting ASP.NET MVC to Claims-aware app, I would get the following error:
A claim of type ‘http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier’ or ‘http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider’ was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication, please verify that the configured claims provider is providing both of these claims on the ClaimsIdentity instances it generates. If the configured claims provider instead uses a different claim type as a unique identifier, it can be configured by setting the static property AntiForgeryConfig.UniqueClaimTypeIdentifier.
At default, ASP.NET MVC uses User.Identity.Name
as anti-forgery token to validate form submitted. Worth to note that by default, ASP.NET MVC is not Claims-aware app.
When converting to Claims-aware app, ASP.NET MVC doesn’t use User.Identity.Name
as the anti-forgery token anymore. Instead, it attempts to use the NameIdentifier
and IdentityProvider
ClaimType.
AntiForgeryConfig
One way to solve it is to set AntiForgeryConfig
to use other ClaimType.
protected void Application_Start() { AreaRegistration.RegisterAllAreas(); WebApiConfig.Register(GlobalConfiguration.Configuration); FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters); RouteConfig.RegisterRoutes(RouteTable.Routes); BundleConfig.RegisterBundles(BundleTable.Bundles); AuthConfig.RegisterAuth(); AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.Email; }
Add NameIdentifier and IdentityProvider ClaimTypes
Alternatively, you can add NameIdentifier
and IdentityProvider
ClaimTypes to your claims.
List<Claim> _claims = new List<Claim>(); _claims.AddRange(new List<Claim> { new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", _user.Email)), new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", _user.Email) });
Thank you…
Yep, thanks
Thank you!
Excellent. Thanks!
Thank you.
Thanks. Love Rachel
it worked for me only when i did this:
AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimsIdentity.DefaultNameClaimType;
[…] AntiForgeryToken: A Claim of Type NameIdentifier or IdentityProvider Was Not Present on Provided&nbs… […]
[…] https://stack247.wordpress.com/2013/02/22/antiforgerytoken-a-claim-of-type-nameidentifier-or-identity… […]
[…] AntiForgeryToken: A Claim of Type NameIdentifier or IdentityProvider Was Not Present on Provided&nbs… […]
where will we input that code?
Best ever!!!
[…] AntiForgeryToken: A Claim of Type NameIdentifier or IdentityProvider Was Not Present on Provided&nbs… […]
[…] AntiForgeryToken: A Claim of Type NameIdentifier or IdentityProvider Was Not Present on Provided&nbs… […]
[…] https://stack247.wordpress.com/2013/02/22/antiforgerytoken-a-claim-of-type-nameidentifier-or-identity… […]