Cannot get Username / given_name when using angular-oauth2-oidc and Identity Server 4

Asked 3/8, 2018 at 11:38 Answered 8/2, 2022 at 8:3

Solved identityserver4 angular-oauth2-oidc

I am following the Implicit Workflow example from the angular-oauth2-oidc documentation.

Everything works well in my Angular app, and I can login (during which I am redirected to Identity Server), get my token and use this token to access my Web Api.

However, I have noticed that the "given_name" claim is null, and therefore, the username is not displayed on the login page. Specifically, the following method from the sample code appears to return null:

public get name() {
    let claims = this.oauthService.getIdentityClaims();
    if (!claims) return null;
    return claims.given_name;
}

I thought perhaps this was a problem with permissions, but my scope is set to:

scope: 'openid profile email api1',

Any idea what I need to change to get this "given_name" claim?

Deviate answered 3/8, 2018 at 11:38 Comment(4)

Were you manage to solve this? I encountered the same issue and I'm not sure what I did wrong after following the steps in angular-oauth2-oidc. The claims.given_name is always null even after I signed-in in to the identity server. – Tilefish 8/8, 2018 at 5:50

I figured it out. I fixed my issue by setting the value of "AlwaysIncludeuserClaimsInIdToken" to true in the client settings – Tilefish 8/8, 2018 at 9:26

@SetrákusRa Nice, good to hear you found a solution. Perhaps post it as an answers so others can easily spot it? – Madelle 8/8, 2018 at 9:37

Jeroen, thanks for that reminder! I posted it in the answers section. Hopefully, this can help others who may encounter the same issue. – Tilefish 8/8, 2018 at 12:18

For those who encountered the same issue. You can fix it by adding this line AlwaysIncludeuserClaimsInIdToken=true in the client settings on identity provider side.

Chalk answered 8/8, 2018 at 12:14 Comment(5)

When I added the line to my config and ran the solution again, it worked and I given_name is now populated! Thanks. – Planimetry 23/8, 2018 at 7:25

I am trying to find 'AlwaysIncludeuserClaimsInIdToken' but cannot seem to find it. Any ideas? Thanks – Sempstress 1/3, 2020 at 18:55

@Setrákus Ra - where can i add/configure this "AlwaysIncludeuserClaimsInIdToken=true" settings in above shared code..? – Sideslip 5/3, 2020 at 7:27

@Setrákus Ra - Can you please share how can i set client..? – Sideslip 5/3, 2020 at 7:32

Would also like to get know where the client settings are? – Pneuma 27/3, 2020 at 16:44

OauthService.getIdentityClaims() is a Promise and holds UserInfo you can extract the name field with braces, so your function should be:

public get name() {
    let claims = this.oauthService.getIdentityClaims();
    if (!claims) return null;
    return claims['name'];
}

Boron answered 6/11, 2020 at 12:52 Comment(0)

The answer marked as "Best answer" is not correct. Get the user claims in the 'idtoken' will cause that the 'idtoken' be very big and then you may exceed the size limit.

The correct implementation is to use the 'UserInfo' Endpoint and then use the method 'loadUserProfile':

Example:

getUserClaims() {
    const user = this.oauthService.loadUserProfile();
    console.log(user, user);
}

Kan answered 23/7, 2020 at 1:53 Comment(0)

I had the same issue, in my case with an error displayed on the browser console, saying that Request was blocked by Security Policy. even having the AllowAnyOrigin() method called in startup, I lacked to get the header allowed. So when in my angular aap i call the loadUserProfile method via the token_received event, it sends some headers that were not allowed. Finaly this fix my issue: app.UseCors(options => options.AllowAnyOrigin().AllowAnyHeader()); Don't forget calling that before usemvc

Triny answered 8/2, 2022 at 8:3 Comment(0)

Recommended topics

Hot tags