I have an MVC website that is calling a WebAPI in another project. The WebAPI uses OWIN and implements OAuth security. I will be using a Bearer Token to communicate between the MVC and WebAPI applications. My website requires the user to be in AD, which I am checking in the GrantResourceOwnerCredentials method. If the user is authenticated, I would like to retrieve some information about them on the database and then pass that to the client for display on the website. I put this information in the ClaimsIdentity as a new Claim.
This seems to be adding correctly to the ClaimsIdentity on the WebAPI. However, I cannot figure out how to retrieve this information on the MVC website. When I pull the ClaimsIdentity on the website, the only Claim present is the Username, which it retrieved from the login form.
Is it not possible to pass information this way?
Access tokens are not meant to be consumed by the requester. Add a Web API endpoint that echoes back the claims to the client as a workaround.
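The workaround suggested in the answer, sketched as an added example that is not part of the original post: a Web API 2 controller that returns an allowlisted subset of the caller's claims once the bearer token has been validated. The namespace, route, controller name and the custom claim types `display_name` and `department` are assumptions, and attribute routing is assumed to be enabled with `config.MapHttpAttributeRoutes()`.

```csharp
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Web.Http;

namespace ExampleApi.Controllers // hypothetical namespace
{
    // [Authorize] rejects requests without a valid bearer token. For valid
    // requests the OWIN bearer middleware rebuilds the ClaimsIdentity that
    // GrantResourceOwnerCredentials put into the token.
    [Authorize]
    [RoutePrefix("api/me")] // hypothetical route
    public class MeController : ApiController
    {
        // Return only the claim types the website needs for display, so that
        // internal claims added later are not exposed by default.
        private static readonly HashSet<string> ExposedClaimTypes = new HashSet<string>
        {
            ClaimTypes.Name,
            "display_name", // hypothetical custom claim
            "department"    // hypothetical custom claim
        };

        [HttpGet]
        [Route("claims")]
        public IHttpActionResult GetClaims()
        {
            var identity = User.Identity as ClaimsIdentity;
            if (identity == null || !identity.IsAuthenticated)
            {
                return Unauthorized();
            }

            // Project to a simple type/value shape for JSON serialization.
            var claims = identity.Claims
                .Where(c => ExposedClaimTypes.Contains(c.Type))
                .Select(c => new { type = c.Type, value = c.Value })
                .ToList();

            return Ok(claims);
        }
    }
}
```

The MVC site calls this endpoint with the token in the `Authorization: Bearer` header and builds its own local identity from the response, instead of trying to read the token itself.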