What is the scheme name for identity?

Question

Let's say I use the following:

services.AddIdentity<User, UserRole>()
        .AddEntityFrameworkStores<AppDbContext>();

What is the authentication scheme name being set? I didn't find this in any documentation. I tried looking for a class with the names IdentityAuthenticationDefaults and IdentityDefaults but found nothing. I have tried "Cookies" but it isn't set to this. The application works well, so there is surely some scheme name set.

Answer 1

IdentityConstants is the class you're looking for here. Here's the relevant part for your specific question (xmldocs removed):

public class IdentityConstants
{
    private static readonly string CookiePrefix = "Identity";

    public static readonly string ApplicationScheme = CookiePrefix + ".Application";

    ...
}

IdentityConstants.ApplicationScheme is used as the DefaultAuthenticateScheme - the value itself ends up being Identity.Application.

The schemes get set up here:

services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = IdentityConstants.ApplicationScheme;
    options.DefaultChallengeScheme = IdentityConstants.ApplicationScheme;
    options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
})

Here are links to the API reference docs:

• IdentityConstants
• IdentityConstants.ApplicationScheme

Answer 2

Silly that there are static string references under IdentityConstants but these are not usable by the AuthorizeAttribute class or method attribute to set the AuthenticationSchemes property since it must be a constant value. I created a simple shared constants class that contains the necessary to get around this but wish MS provided something OOTB.

public class SharedConstants
{
    public const string IdentityApplicationScheme = "Identity.Application";
}

Then you can use it like this.

[Authorize(AuthenticationSchemes = SharedConstants.IdentityApplicationScheme)]