Possible values of HttpContext.User.Identity.AuthenticationType

Question

In ASP.NET Core, with Identity, I always get this:

HttpContext.User.Identity.AuthenticationType == "Identity.Application"

What is the significance of this? Are there any other values it could be?

Answer 1

When I setup everything to use Windows authentication, I get HttpContext.User.Identity.AuthenticationType = Kerberos, that would be an example.

Also, when I do my own login:

        ClaimsPrincipal principal = new ClaimsPrincipal(new ClaimsIdentity(
            new List<Claim>{
                new Claim(ClaimTypes.Name, username),
                new Claim(PartnersUserDataClaim, userData),
                new Claim(ModuleNameClaim, moduleName)
            },
            "SSO/Windows"));

        await HttpContext.Authentication.SignInAsync(APIAuthSchemeName, principal);

"SSO/Windows" ends up being the value of HttpContext.User.Identity.AuthenticationType

So, I would say this attribute can be set by whatever layer is able of creating your principal, whether it's a provided middleware like the IIS one for Kerberos, or your own layer.