Viewing claims within a token

By | March 24, 2018

I wrote this small single file aspx utility that can be dropped in a asp.net website. The utility will allow the user to view the claims within the token.

Viewing claims within a token

If you do not have access to the server to upload an aspx page file then look at this solution to decode the token.

This utility is used by many of the technical consultants at the company where I work to assist with the configuration of the Identity provider configuration. It is light weight and does not require the installation of any software.

For those interested, the claims viewer can be downloaded here.

For those that are just interested in the syntax of the claims viewer, here it is.


<%@ Page Language="C#" %>
<!DOCTYPE html>

<script runat=server>
protected string ReadClaims()
{
if (System.Security.Claims.ClaimsPrincipal.Current.Identity.IsAuthenticated)
{
if (System.Security.Claims.ClaimsPrincipal.Current.Identity is System.Security.Claims.ClaimsIdentity)
{
foreach (System.Security.Claims.ClaimsIdentity identity in System.Security.Claims.ClaimsPrincipal.Current.Identities)
{
Response.Write("<h4>Identity: " + identity.AuthenticationType + "</h4>");
int claimCount = 1;
foreach (System.Security.Claims.Claim claim in identity.Claims)
{
Response.Write("(" + claimCount.ToString() + ".) " + claim.Type + " : " + claim.Value + "<br>");

claimCount++;
}
Response.Write("<br>");
}
}
}
else
{
Response.Write("No Authenticated Identity");
}

return string.Empty;
}
</script>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<%=ReadClaims()%>
</form>
</body>
</html>

 

Leave a Reply

Your email address will not be published.