I have just upgraded my Host from beta5 to RTM. I also moved my persistence from the TwentyTwenty EF to the IdentityServer one. This involved making the change from Scopes to ApiResources and IdentityResources. It's all gone smoothly and I have implemented the IResourceStore, IClientStore, IProfileService. I have set up my Identity Resources with the identity scope names (openid, profile) and I am able to log into my client using my Host, BUT ONLY if I add a claim to any one of my Identity Resources. If there is no claim in any Identity Resource then I get the error 'No claim types requested' which is thrown from the constructor of ProfileDataRequestContext. Why is it a problem if I don't have any Identity Resource claims? If I add any random value as an Identity Resource Claim, the authentication works perfectly and I get my identity and access tokens and my claims like sub and email and the like. Is there something I have failed to do?
Can you show the identity resources config? Why are you modeling an identity resource without a user claim?
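IdentityResources

| Id | Description | DisplayName | Emphasize | Enabled | Name | Required | ShowInDiscoveryDocument |
|----|-------------|-------------|-----------|---------|------|----------|-------------------------|
| 1 | openid | openid | 0 | 1 | openid | 0 | 1 |
| 2 | profile | profile | 0 | 1 | profile | 0 | 1 |
| 3 | offline_access | offline_access | 0 | 1 | offline_access | 0 | 1 |
| 5 | api | api | 0 | 1 | api | 0 | 0 |

IdentityClaims

| Id | IdentityResourceId | Type |
|----|--------------------|------|
| 4 | 2 | t |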
I have put the value t in as a claim against profile.
Have I done this configuration wrong?
Yea, your profile identity resource should have several claim types defined: https://github.com/IdentityServer/IdentityServer4/blob/dev/src/IdentityServer4/Constants.cs#L136. Also, openid should have sub defined: https://github.com/IdentityServer/IdentityServer4/blob/dev/src/IdentityServer4/Constants.cs#L167
I thought that IdentityServer4 was picking those up out of its constants based on the name? I didn't know I had to define them manually in the table. I didn't have to do this configuration in beta5 middleware (Scopes instead of Resources) and it worked fine, pulling out the claims for profile and openid. Now I know, and hope this helps others too.
If you're using the EF stores for the resources, then they all need to be defined in the DB (unless you're doing some custom code to merge some from DB and some from in-mem).
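An added example, not code from this thread or from the IdentityServer4 project: one way to make sure the `openid` and `profile` rows in the EF configuration store carry the standard claim types, by copying them from the built-in `IdentityResources.OpenId` and `IdentityResources.Profile` models. It assumes the stock `ConfigurationDbContext` from IdentityServer4.EntityFramework; `IdentityResourceSeed` and `EnsureStandardIdentityClaims` are hypothetical names.

```csharp
using System.Collections.Generic;
using System.Linq;
using IdentityServer4.EntityFramework.DbContexts;
using IdentityServer4.EntityFramework.Entities;
using IdentityServer4.EntityFramework.Mappers;
using Microsoft.EntityFrameworkCore;
using Models = IdentityServer4.Models;

// Hypothetical helper (added example): run once at startup or from a migration step.
public static class IdentityResourceSeed
{
    // Returns the number of claim rows that were missing and have been added.
    public static int EnsureStandardIdentityClaims(ConfigurationDbContext db)
    {
        // The built-in models carry the claim lists defined in Constants.cs.
        var standard = new Models.IdentityResource[]
        {
            new Models.IdentityResources.OpenId(),   // sub
            new Models.IdentityResources.Profile()   // name, family_name, ...
        };

        var added = 0;
        foreach (var model in standard)
        {
            var row = db.IdentityResources
                .Include(r => r.UserClaims)
                .SingleOrDefault(r => r.Name == model.Name);

            if (row == null)
            {
                // Resource not in the DB at all: insert it with its claims.
                db.IdentityResources.Add(model.ToEntity());
                added += model.UserClaims.Count;
                continue;
            }

            // Resource exists (as in the tables above): add only the missing claim types.
            var present = new HashSet<string>(row.UserClaims.Select(c => c.Type));
            foreach (var type in model.UserClaims.Where(t => !present.Contains(t)))
            {
                row.UserClaims.Add(new IdentityClaim { Type = type });
                added++;
            }
        }

        db.SaveChanges();
        return added;
    }
}
```

The helper only adds rows, so a placeholder claim such as the `t` entered against `profile` stays in the table until it is removed by hand.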
That change was crap, IScopeStore to IResourceStore?? Seriously??