I created a custom class that inherits from IPrincipal and would like to make sure this object is added to the Thread.CurrentPrincipal and HttpContext.Current.User instead of the ClaimsPrincipal object. This is for a web api application.
I would like this to occur after the user makes a successful request for an access token. Where in the lifecycle should this occur?
After I called /Token to get the access_token, I passed the bearer token back to the ChangePassword action along with the necessary parameters and User is still set to ClaimsPrincipal. Is there a way to make sure the Principal is set immediately after the request is made and after the ClaimsPrincipal is set?