The claims issued in the cookie are a snapshot of the claims at login time. If they change then you'd need to detect this on every request into the app and issue a new cookie. There's an event on the cookie authentication middleware provider called OnValidateIdentity where you can do this.
How to deal with claims which are expired
-
19-06-2023 - |
Question
Building an ASP.NET MVC app with ASPNET identity with claim based authorization, wondering what should happen when an claim is expired.
e.g. In my claims, i stored a person's claim as claimtype ="Capability", claimvalue = "driver"
If this person's driver license is expired or withdrawn, then person should not have a claim of "driver".
In my system, normally nothing is deleted. So I would like to mark this claim as InActive(Boolean). However, the table ASPNET Identity provisioned doesn't have this column. So what I should do in this case?
Thanks.
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow