Identity resource¶

Identity resources are data like user ID, name, or email address of a user. An identity resource has a unique name, and you can assign arbitrary claim types to it. These claims will then be included in the identity token for the user. The client will use the scope parameter to request access to an identity resource.

The OpenID Connect specification specifies a couple of standard identity resources. The minimum requirement is, that you provide support for emitting a unique ID for your users - also called the subject id. This is done by exposing the standard identity resource called openid.

The IdentityResources class supports all scopes defined in the specification (openid, email, profile, telephone, and address). If you want to support them all, you can add them to your list of supported identity resources: openid, profile, email, phone and , address. In our implementation, this has been already configured for using openid and profile, so you do not have to be worried of them.

The request with profile scope access to the End-User's default profile Claims, which are: name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, website, gender, birthdate, zoneinfo, locale, and updated_at.

Models¶

More technical information at https://docs.duendesoftware.com/identityserver/v6/reference/models/identity_resource/.

IdentityResource¶

This class models an identity resource.

IdentityClaim¶

List of associated user claim types that should be included in the identity token.

How to manage Identity resources¶

There are no mechanism for managing; this is part of the security configuration and it is already configured.