Microsoft.Extensions.Identity.Core
Used for authenticator code verification.
Checks if a two-factor authentication token can be generated for the specified .
The to retrieve the from.
The to check for the possibility of generating a two-factor authentication token.
True if the user has an authenticator key set, otherwise false.
Returns an empty string since no authenticator codes are sent.
Ignored.
The to retrieve the from.
The .
string.Empty.
Options used to configure the claim types used for well known claims.
Gets or sets the ClaimType used for a Role claim. Defaults to .
Gets or sets the ClaimType used for the user name claim. Defaults to .
Gets or sets the ClaimType used for the user identifier claim. Defaults to .
Gets or sets the ClaimType used for the user email claim. Defaults to .
Gets or sets the ClaimType used for the security stamp claim. Defaults to "AspNet.Identity.SecurityStamp".
Default implementation of that uses
and to protect data with a payload format of {keyId}:{protectedData}
Constructor.
Unprotect the data.
The data to unprotect.
The unprotected data.
Protect the data.
The data to protect.
The protected data.
Default implementation of .
The type encapsulating a user.
Determines whether the specified is confirmed.
The that can be used to retrieve user properties.
The user.
The that represents the asynchronous operation, containing the of the confirmation operation.
TokenProvider that generates tokens from the user's security stamp and notifies a user via email.
The type used to represent a user.
Checks if a two-factor authentication token can be generated for the specified .
The to retrieve the from.
The to check for the possibility of generating a two-factor authentication token.
True if the user has an email address set, otherwise false.
Returns the a value for the user used as entropy in the generated token.
The purpose of the two-factor authentication token.
The to retrieve the from.
The to check for the possibility of generating a two-factor authentication token.
A string suitable for use as entropy in token generation.
Helper functions for configuring identity services.
Creates a new instance of .
The to use for the users.
The to attach to.
Creates a new instance of .
The to use for the users.
The to use for the roles.
The to attach to.
Gets the used for users.
The used for users.
Gets the used for roles.
The used for roles.
Gets the services are attached to.
The services are attached to.
Adds an for the .
The user validator type.
The current instance.
Adds an for the .
The type of the claims principal factory.
The current instance.
Adds an .
The type of the error describer.
The current instance.
Adds an for the .
The validator type used to validate passwords.
The current instance.
Adds an for the .
The user store type.
The current instance.
Adds a token provider.
The type of the token provider to add.
The name of the provider to add.
The current instance.
Adds a token provider for the .
The name of the provider to add.
The type of the to add.
The current instance.
Adds a for the .
The type of the user manager to add.
The current instance.
Adds Role related services for TRole, including IRoleStore, IRoleValidator, and RoleManager.
The role type.
The current instance.
Adds an for the .
The role validator type.
The current instance.
Adds an and .
The personal data protector type.
The personal data protector key ring type.
The current instance.
Adds a for the .
The role store.
The current instance.
Adds a for the .
The type of the role manager to add.
The current instance.
Adds a for the .
The type of the user confirmation to add.
The current instance.
Encapsulates an error from the identity subsystem.
Gets or sets the code for this error.
The code for this error.
Gets or sets the description for this error.
The description for this error.
Service to enable localization for application facing identity errors.
These errors are returned to controllers and are generally used as display messages to end users.
Returns the default .
The default .
Returns an indicating a concurrency failure.
An indicating a concurrency failure.
Returns an indicating a password mismatch.
An indicating a password mismatch.
Returns an indicating an invalid token.
An indicating an invalid token.
Returns an indicating a recovery code was not redeemed.
An indicating a recovery code was not redeemed.
Returns an indicating an external login is already associated with an account.
An indicating an external login is already associated with an account.
Returns an indicating the specified user is invalid.
The user name that is invalid.
An indicating the specified user is invalid.
Returns an indicating the specified is invalid.
The email that is invalid.
An indicating the specified is invalid.
Returns an indicating the specified already exists.
The user name that already exists.
An indicating the specified already exists.
Returns an indicating the specified is already associated with an account.
The email that is already associated with an account.
An indicating the specified is already associated with an account.
Returns an indicating the specified name is invalid.
The invalid role.
An indicating the specific role name is invalid.
Returns an indicating the specified name already exists.
The duplicate role.
An indicating the specific role name already exists.
Returns an indicating a user already has a password.
An indicating a user already has a password.
Returns an indicating user lockout is not enabled.
An indicating user lockout is not enabled.
Returns an indicating a user is already in the specified .
The duplicate role.
An indicating a user is already in the specified .
Returns an indicating a user is not in the specified .
The duplicate role.
An indicating a user is not in the specified .
Returns an indicating a password of the specified does not meet the minimum length requirements.
The length that is not long enough.
An indicating a password of the specified does not meet the minimum length requirements.
Returns an indicating a password does not meet the minimum number of unique chars.
The number of different chars that must be used.
An indicating a password does not meet the minimum number of unique chars.
Returns an indicating a password entered does not contain a non-alphanumeric character, which is required by the password policy.
An indicating a password entered does not contain a non-alphanumeric character.
Returns an indicating a password entered does not contain a numeric character, which is required by the password policy.
An indicating a password entered does not contain a numeric character.
Returns an indicating a password entered does not contain a lower case letter, which is required by the password policy.
An indicating a password entered does not contain a lower case letter.
Returns an indicating a password entered does not contain an upper case letter, which is required by the password policy.
An indicating a password entered does not contain an upper case letter.
Represents all the options you can use to configure the identity system.
Gets or sets the for the identity system.
The for the identity system.
Gets or sets the for the identity system.
The for the identity system.
Gets or sets the for the identity system.
The for the identity system.
Gets or sets the for the identity system.
The for the identity system.
Gets or sets the for the identity system.
The for the identity system.
Gets or sets the for the identity system.
The for the identity system.
Gets or sets the for the identity system.
The for the identity system.
Represents the result of an identity operation.
Flag indicating whether if the operation succeeded or not.
True if the operation succeeded, otherwise false.
An of instances containing errors
that occurred during the identity operation.
An of instances.
Returns an indicating a successful identity operation.
An indicating a successful operation.
Creates an indicating a failed identity operation, with a list of if applicable.
An optional array of s which caused the operation to fail.
An indicating a failed identity operation, with a list of if applicable.
Converts the value of the current object to its equivalent string representation.
A string representation of the current object.
If the operation was successful the ToString() will return "Succeeded" otherwise it returned
"Failed : " followed by a comma delimited list of error codes from its collection, if any.
Provides an abstraction for normalizing keys (emails/names) for lookup purposes.
Returns a normalized representation of the specified .
The key to normalize.
A normalized representation of the specified .
Returns a normalized representation of the specified .
The email to normalize.
A normalized representation of the specified .
Used to protect/unprotect lookups with a specific key.
Protect the data using the specified key.
The key to use.
The data to protect.
The protected data.
Unprotect the data using the specified key.
The key to use.
The data to unprotect.
The original data.
Abstraction used to manage named keys used to protect lookups.
Get the current key id.
Return a specific key.
The id of the key to fetch.
The key ring.
Return all of the key ids.
All of the key ids.
Provides an abstraction for hashing passwords.
The type used to represent a user.
Returns a hashed representation of the supplied for the specified .
The user whose password is to be hashed.
The password to hash.
A hashed representation of the supplied for the specified .
Returns a indicating the result of a password hash comparison.
The user whose password should be verified.
The hash value for a user's stored password.
The password supplied for comparison.
A indicating the result of a password hash comparison.
Implementations of this method should be time consistent.
Provides an abstraction for validating passwords.
The type that represents a user.
Validates a password as an asynchronous operation.
The to retrieve the properties from.
The user whose password should be validated.
The password supplied for validation
The task object representing the asynchronous operation.
Provides an abstraction used for personal data encryption.
Protect the data.
The data to protect.
The protected data.
Unprotect the data.
The unprotected data.
Marker interface used to signal that the store supports the flag.
The type that represents a user.
Provides an abstraction for querying roles in a Role store.
The type encapsulating a role.
Returns an collection of roles.
An collection of roles.
Provides an abstraction for querying users in a User store.
The type encapsulating a user.
Returns an collection of users.
An collection of users.
Provides an abstraction for a store of role specific claims.
The type encapsulating a role.
Gets a list of s to be belonging to the specified as an asynchronous operation.
The role whose claims to retrieve.
The used to propagate notifications that the operation should be canceled.
A that represents the result of the asynchronous query, a list of s.
Add a new claim to a role as an asynchronous operation.
The role to add a claim to.
The to add.
The used to propagate notifications that the operation should be canceled.
The task object representing the asynchronous operation.
Remove a claim from a role as an asynchronous operation.
The role to remove the claim from.
The to remove.
The used to propagate notifications that the operation should be canceled.
The task object representing the asynchronous operation.
Provides an abstraction for a storage and management of roles.
The type that represents a role.
Creates a new role in a store as an asynchronous operation.
The role to create in the store.
The used to propagate notifications that the operation should be canceled.
A that represents the of the asynchronous query.
Updates a role in a store as an asynchronous operation.
The role to update in the store.
The used to propagate notifications that the operation should be canceled.
A that represents the of the asynchronous query.
Deletes a role from the store as an asynchronous operation.
The role to delete from the store.
The used to propagate notifications that the operation should be canceled.
A that represents the of the asynchronous query.
Gets the ID for a role from the store as an asynchronous operation.
The role whose ID should be returned.
The used to propagate notifications that the operation should be canceled.
A that contains the ID of the role.
Gets the name of a role from the store as an asynchronous operation.
The role whose name should be returned.
The used to propagate notifications that the operation should be canceled.
A that contains the name of the role.
Sets the name of a role in the store as an asynchronous operation.
The role whose name should be set.
The name of the role.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Get a role's normalized name as an asynchronous operation.
The role whose normalized name should be retrieved.
The used to propagate notifications that the operation should be canceled.
A that contains the name of the role.
Set a role's normalized name as an asynchronous operation.
The role whose normalized name should be set.
The normalized name to set
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Finds the role who has the specified ID as an asynchronous operation.
The role ID to look for.
The used to propagate notifications that the operation should be canceled.
A that result of the look up.
Finds the role who has the specified normalized name as an asynchronous operation.
The normalized role name to look for.
The used to propagate notifications that the operation should be canceled.
A that result of the look up.
Provides an abstraction for a validating a role.
The type encapsulating a role.
Validates a role as an asynchronous operation.
The managing the role store.
The role to validate.
A that represents the of the asynchronous validation.
Provides an abstraction to store a user's authentication tokens.
The type encapsulating a user.
Sets the token value for a particular user.
The user.
The authentication provider for the token.
The name of the token.
The value of the token.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Deletes a token for a user.
The user.
The authentication provider for the token.
The name of the token.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Returns the token value.
The user.
The authentication provider for the token.
The name of the token.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Provides an abstraction for a store which stores info about user's authenticator.
The type encapsulating a user.
Sets the authenticator key for the specified .
The user whose authenticator key should be set.
The authenticator key to set.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Get the authenticator key for the specified .
The user whose security stamp should be set.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the security stamp for the specified .
Provides an abstraction for a factory to create a from a user.
The type encapsulating a user.
Creates a from an user asynchronously.
The user to create a from.
The that represents the asynchronous creation operation, containing the created .
Provides an abstraction for a store of claims for a user.
The type encapsulating a user.
Gets a list of s to be belonging to the specified as an asynchronous operation.
The role whose claims to retrieve.
The used to propagate notifications that the operation should be canceled.
A that represents the result of the asynchronous query, a list of s.
Add claims to a user as an asynchronous operation.
The user to add the claim to.
The collection of s to add.
The used to propagate notifications that the operation should be canceled.
The task object representing the asynchronous operation.
Replaces the given on the specified with the
The user to replace the claim on.
The claim to replace.
The new claim to replace the existing with.
The used to propagate notifications that the operation should be canceled.
The task object representing the asynchronous operation.
Removes the specified from the given .
The user to remove the specified from.
A collection of s to remove.
The used to propagate notifications that the operation should be canceled.
The task object representing the asynchronous operation.
Returns a list of users who contain the specified .
The claim to look for.
The used to propagate notifications that the operation should be canceled.
A that represents the result of the asynchronous query, a list of who
contain the specified claim.
Provides an abstraction for confirmation of user accounts.
The type encapsulating a user.
Determines whether the specified is confirmed.
The that can be used to retrieve user properties.
The user.
Whether the user is confirmed.
Provides an abstraction for the storage and management of user email addresses.
The type encapsulating a user.
Sets the address for a .
The user whose email should be set.
The email to set.
The used to propagate notifications that the operation should be canceled.
The task object representing the asynchronous operation.
Gets the email address for the specified .
The user whose email should be returned.
The used to propagate notifications that the operation should be canceled.
The task object containing the results of the asynchronous operation, the email address for the specified .
Gets a flag indicating whether the email address for the specified has been verified, true if the email address is verified otherwise
false.
The user whose email confirmation status should be returned.
The used to propagate notifications that the operation should be canceled.
The task object containing the results of the asynchronous operation, a flag indicating whether the email address for the specified
has been confirmed or not.
Sets the flag indicating whether the specified 's email address has been confirmed or not.
The user whose email confirmation status should be set.
A flag indicating if the email address has been confirmed, true if the address is confirmed otherwise false.
The used to propagate notifications that the operation should be canceled.
The task object representing the asynchronous operation.
Gets the user, if any, associated with the specified, normalized email address.
The normalized email address to return the user for.
The used to propagate notifications that the operation should be canceled.
The task object containing the results of the asynchronous lookup operation, the user if any associated with the specified normalized email address.
Returns the normalized email for the specified .
The user whose email address to retrieve.
The used to propagate notifications that the operation should be canceled.
The task object containing the results of the asynchronous lookup operation, the normalized email address if any associated with the specified user.
Sets the normalized email for the specified .
The user whose email address to set.
The normalized email to set for the specified .
The used to propagate notifications that the operation should be canceled.
The task object representing the asynchronous operation.
Provides an abstraction for a storing information which can be used to implement account lockout,
including access failures and lockout status
The type that represents a user.
Gets the last a user's last lockout expired, if any.
Any time in the past should be indicates a user is not locked out.
The user whose lockout date should be retrieved.
The used to propagate notifications that the operation should be canceled.
A that represents the result of the asynchronous query, a containing the last time
a user's lockout expired, if any.
Locks out a user until the specified end date has passed. Setting a end date in the past immediately unlocks a user.
The user whose lockout date should be set.
The after which the 's lockout should end.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Records that a failed access has occurred, incrementing the failed access count.
The user whose cancellation count should be incremented.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the incremented failed access count.
Resets a user's failed access count.
The user whose failed access count should be reset.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
This is typically called after the account is successfully accessed.
Retrieves the current failed access count for the specified .
The user whose failed access count should be retrieved.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the failed access count.
Retrieves a flag indicating whether user lockout can enabled for the specified user.
The user whose ability to be locked out should be returned.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, true if a user can be locked out, otherwise false.
Set the flag indicating if the specified can be locked out.
The user whose ability to be locked out should be set.
A flag indicating if lock out can be enabled for the specified .
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Provides an abstraction for storing information that maps external login information provided
by Microsoft Account, Facebook etc. to a user account.
The type that represents a user.
Adds an external to the specified .
The user to add the login to.
The external to add to the specified .
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Attempts to remove the provided login information from the specified .
and returns a flag indicating whether the removal succeed or not.
The user to remove the login information from.
The login provide whose information should be removed.
The key given by the external login provider for the specified user.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Retrieves the associated logins for the specified .
The user whose associated logins to retrieve.
The used to propagate notifications that the operation should be canceled.
The for the asynchronous operation, containing a list of for the specified , if any.
Retrieves the user associated with the specified login provider and login provider key.
The login provider who provided the .
The key provided by the to identify a user.
The used to propagate notifications that the operation should be canceled.
The for the asynchronous operation, containing the user, if any which matched the specified login provider and key.
Provides an abstraction for a store containing users' password hashes.
The type encapsulating a user.
Sets the password hash for the specified .
The user whose password hash to set.
The password hash to set.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Gets the password hash for the specified .
The user whose password hash to retrieve.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, returning the password hash for the specified .
Gets a flag indicating whether the specified has a password.
The user to return a flag for, indicating whether they have a password or not.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, returning true if the specified has a password
otherwise false.
Provides an abstraction for a store containing users' telephone numbers.
The type encapsulating a user.
Sets the telephone number for the specified .
The user whose telephone number should be set.
The telephone number to set.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Gets the telephone number, if any, for the specified .
The user whose telephone number should be retrieved.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the user's telephone number, if any.
Gets a flag indicating whether the specified 's telephone number has been confirmed.
The user to return a flag for, indicating whether their telephone number is confirmed.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, returning true if the specified has a confirmed
telephone number otherwise false.
Sets a flag indicating if the specified 's phone number has been confirmed.
The user whose telephone number confirmation status should be set.
A flag indicating whether the user's telephone number has been confirmed.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Provides an abstraction for a store which maps users to roles.
The type encapsulating a user.
Add the specified to the named role.
The user to add to the named role.
The name of the role to add the user to.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Remove the specified from the named role.
The user to remove the named role from.
The name of the role to remove.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Gets a list of role names the specified belongs to.
The user whose role names to retrieve.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing a list of role names.
Returns a flag indicating whether the specified is a member of the given named role.
The user whose role membership should be checked.
The name of the role to be checked.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing a flag indicating whether the specified is
a member of the named role.
Returns a list of Users who are members of the named role.
The name of the role whose membership should be returned.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing a list of users who are in the named role.
Provides an abstraction for a store which stores a user's security stamp.
The type encapsulating a user.
Sets the provided security for the specified .
The user whose security stamp should be set.
The security stamp to set.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Get the security stamp for the specified .
The user whose security stamp should be set.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the security stamp for the specified .
Provides an abstraction for a store which manages user accounts.
The type encapsulating a user.
Gets the user identifier for the specified .
The user whose identifier should be retrieved.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the identifier for the specified .
Gets the user name for the specified .
The user whose name should be retrieved.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the name for the specified .
Sets the given for the specified .
The user whose name should be set.
The user name to set.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Gets the normalized user name for the specified .
The user whose normalized name should be retrieved.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the normalized user name for the specified .
Sets the given normalized name for the specified .
The user whose name should be set.
The normalized name to set.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Creates the specified in the user store.
The user to create.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the of the creation operation.
Updates the specified in the user store.
The user to update.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the of the update operation.
Deletes the specified from the user store.
The user to delete.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the of the delete operation.
Finds and returns a user, if any, who has the specified .
The user ID to search for.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the user matching the specified if it exists.
Finds and returns a user, if any, who has the specified normalized user name.
The normalized user name to search for.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing the user matching the specified if it exists.
Provides an abstraction for a store which stores a user's recovery codes.
The type encapsulating a user.
Updates the recovery codes for the user while invalidating any previous recovery codes.
The user to store new recovery codes for.
The new recovery codes for the user.
The used to propagate notifications that the operation should be canceled.
The new recovery codes for the user.
Returns whether a recovery code is valid for a user. Note: recovery codes are only valid
once, and will be invalid after use.
The user who owns the recovery code.
The recovery code to use.
The used to propagate notifications that the operation should be canceled.
True if the recovery code was found for the user.
Returns how many recovery code are still valid for a user.
The user who owns the recovery code.
The used to propagate notifications that the operation should be canceled.
The number of valid recovery codes for the user..
Provides an abstraction to store a flag indicating whether a user has two factor authentication enabled.
The type encapsulating a user.
Sets a flag indicating whether the specified has two factor authentication enabled or not,
as an asynchronous operation.
The user whose two factor authentication enabled status should be set.
A flag indicating whether the specified has two factor authentication enabled.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation.
Returns a flag indicating whether the specified has two factor authentication enabled or not,
as an asynchronous operation.
The user whose two factor authentication enabled status should be set.
The used to propagate notifications that the operation should be canceled.
The that represents the asynchronous operation, containing a flag indicating whether the specified
has two factor authentication enabled or not.
Provides an abstraction for two-factor token generators.
The type encapsulating a user.
Generates a token for the specified and .
The purpose the token will be used for.
The that can be used to retrieve user properties.
The user a token should be generated for.
The that represents the asynchronous operation, containing the token for the specified
and .
The parameter allows a token generator to be used for multiple types of token whilst
insuring a token for one purpose cannot be used for another. For example if you specified a purpose of "Email"
and validated it with the same purpose a token with the purpose of TOTP would not pass the check even if it was
for the same user.
Implementations of should validate that purpose is not null or empty to
help with token separation.
Returns a flag indicating whether the specified is valid for the given
and .
The purpose the token will be used for.
The token to validate.
The that can be used to retrieve user properties.
The user a token should be validated for.
The that represents the asynchronous operation, containing the a flag indicating the result
of validating the for the specified and .
The task will return true if the token is valid, otherwise false.
Returns a flag indicating whether the token provider can generate a token suitable for two-factor authentication token for
the specified .
The that can be used to retrieve user properties.
The user a token could be generated for.
The that represents the asynchronous operation, containing the a flag indicating if a two
factor token could be generated by this provider for the specified .
The task will return true if a two-factor authentication token could be generated, otherwise false.
Provides an abstraction for user validation.
The type encapsulating a user.
Validates the specified as an asynchronous operation.
The that can be used to retrieve user properties.
The user to validate.
The that represents the asynchronous operation, containing the of the validation operation.
Options for configuring user lockout.
Gets or sets a flag indicating whether a new user can be locked out. Defaults to true.
True if a newly created user can be locked out, otherwise false.
Gets or sets the number of failed access attempts allowed before a user is locked out,
assuming lock out is enabled. Defaults to 5.
The number of failed access attempts allowed before a user is locked out, if lockout is enabled.
Gets or sets the a user is locked out for when a lockout occurs. Defaults to 5 minutes.
The a user is locked out for when a lockout occurs.
Implements the standard Identity password hashing.
The type used to represent a user.
Creates a new instance of .
The options for this instance.
Returns a hashed representation of the supplied for the specified .
The user whose password is to be hashed.
The password to hash.
A hashed representation of the supplied for the specified .
Returns a indicating the result of a password hash comparison.
The user whose password should be verified.
The hash value for a user's stored password.
The password supplied for comparison.
A indicating the result of a password hash comparison.
Implementations of this method should be time consistent.
Specifies the format used for hashing passwords.
Indicates hashing passwords in a way that is compatible with ASP.NET Identity versions 1 and 2.
Indicates hashing passwords in a way that is compatible with ASP.NET Identity version 3.
Specifies options for password hashing.
Gets or sets the compatibility mode used when hashing passwords. Defaults to 'ASP.NET Identity version 3'.
The compatibility mode used when hashing passwords.
Gets or sets the number of iterations used when hashing passwords using PBKDF2. Default is 10,000.
The number of iterations used when hashing passwords using PBKDF2.
This value is only used when the compatibility mode is set to 'V3'.
The value must be a positive integer.
Specifies options for password requirements.
Gets or sets the minimum length a password must be. Defaults to 6.
Gets or sets the minimum number of unique characters which a password must contain. Defaults to 1.
Gets or sets a flag indicating if passwords must contain a non-alphanumeric character. Defaults to true.
True if passwords must contain a non-alphanumeric character, otherwise false.
Gets or sets a flag indicating if passwords must contain a lower case ASCII character. Defaults to true.
True if passwords must contain a lower case ASCII character.
Gets or sets a flag indicating if passwords must contain a upper case ASCII character. Defaults to true.
True if passwords must contain a upper case ASCII character.
Gets or sets a flag indicating if passwords must contain a digit. Defaults to true.
True if passwords must contain a digit.
Provides the default password policy for Identity.
The type that represents a user.
Constructions a new instance of .
The to retrieve error text from.
Gets the used to supply error text.
The used to supply error text.
Validates a password as an asynchronous operation.
The to retrieve the properties from.
The user whose password should be validated.
The password supplied for validation
The task object representing the asynchronous operation.
Returns a flag indicating whether the supplied character is a digit.
The character to check if it is a digit.
True if the character is a digit, otherwise false.
Returns a flag indicating whether the supplied character is a lower case ASCII letter.
The character to check if it is a lower case ASCII letter.
True if the character is a lower case ASCII letter, otherwise false.
Returns a flag indicating whether the supplied character is an upper case ASCII letter.
The character to check if it is an upper case ASCII letter.
True if the character is an upper case ASCII letter, otherwise false.
Returns a flag indicating whether the supplied character is an ASCII letter or digit.
The character to check if it is an ASCII letter or digit.
True if the character is an ASCII letter or digit, otherwise false.
Specifies the results for password verification.
Indicates password verification failed.
Indicates password verification was successful.
Indicates password verification was successful however the password was encoded using a deprecated algorithm
and should be rehashed and updated.
Used to indicate that a something is considered personal data.
Represents a token provider that generates tokens from a user's security stamp and
sends them to the user via their phone number.
The type encapsulating a user.
Returns a flag indicating whether the token provider can generate a token suitable for two-factor authentication token for
the specified .
The that can be used to retrieve user properties.
The user a token could be generated for.
The that represents the asynchronous operation, containing the a flag indicating if a two
factor token could be generated by this provider for the specified .
The task will return true if a two-factor authentication token could be generated as the user has
a telephone number, otherwise false.
Returns a constant, provider and user unique modifier used for entropy in generated tokens from user information.
The purpose the token will be generated for.
The that can be used to retrieve user properties.
The user a token should be generated for.
The that represents the asynchronous operation, containing a constant modifier for the specified
and .
Used to indicate that a something is considered personal data and should be protected.
Provides the APIs for managing roles in a persistence store.
The type encapsulating a role.
The cancellation token used to cancel operations.
Constructs a new instance of .
The persistence store the manager will operate over.
A collection of validators for roles.
The normalizer to use when normalizing role names to keys.
The used to provider error messages.
The logger used to log messages, warnings and errors.
Gets the persistence store this instance operates over.
The persistence store this instance operates over.
Gets the used to log messages from the manager.
The used to log messages from the manager.
Gets a list of validators for roles to call before persistence.
A list of validators for roles to call before persistence.
Gets the used to provider error messages.
The used to provider error messages.
Gets the normalizer to use when normalizing role names to keys.
The normalizer to use when normalizing role names to keys.
Gets an IQueryable collection of Roles if the persistence store is an ,
otherwise throws a .
An IQueryable collection of Roles if the persistence store is an .
Thrown if the persistence store is not an .
Callers to this property should use to ensure the backing role store supports
returning an IQueryable list of roles.
Gets a flag indicating whether the underlying persistence store supports returning an collection of roles.
true if the underlying persistence store supports returning an collection of roles, otherwise false.
Gets a flag indicating whether the underlying persistence store supports s for roles.
true if the underlying persistence store supports s for roles, otherwise false.
Creates the specified in the persistence store.
The role to create.
The that represents the asynchronous operation.
Updates the normalized name for the specified .
The role whose normalized name needs to be updated.
The that represents the asynchronous operation.
Updates the specified .
The role to updated.
The that represents the asynchronous operation, containing the for the update.
Deletes the specified .
The role to delete.
The that represents the asynchronous operation, containing the for the delete.
Gets a flag indicating whether the specified exists.
The role name whose existence should be checked.
The that represents the asynchronous operation, containing true if the role name exists, otherwise false.
Gets a normalized representation of the specified .
The value to normalize.
A normalized representation of the specified .
Finds the role associated with the specified if any.
The role ID whose role should be returned.
The that represents the asynchronous operation, containing the role
associated with the specified
Gets the name of the specified .
The role whose name should be retrieved.
The that represents the asynchronous operation, containing the name of the
specified .
Sets the name of the specified .
The role whose name should be set.
The name to set.
The that represents the asynchronous operation, containing the
of the operation.
Gets the ID of the specified .
The role whose ID should be retrieved.
The that represents the asynchronous operation, containing the ID of the
specified .
Finds the role associated with the specified if any.
The name of the role to be returned.
The that represents the asynchronous operation, containing the role
associated with the specified
Adds a claim to a role.
The role to add the claim to.
The claim to add.
The that represents the asynchronous operation, containing the
of the operation.
Removes a claim from a role.
The role to remove the claim from.
The claim to remove.
The that represents the asynchronous operation, containing the
of the operation.
Gets a list of claims associated with the specified .
The role whose claims should be returned.
The that represents the asynchronous operation, containing the list of s
associated with the specified .
Releases all resources used by the role manager.
Releases the unmanaged resources used by the role manager and optionally releases the managed resources.
true to release both managed and unmanaged resources; false to release only unmanaged resources.
Should return if validation is successful. This is
called before saving the role via Create or Update.
The role
A representing whether validation was successful.
Called to update the role after validating and updating the normalized role name.
The role.
Whether the operation was successful.
Throws if this class has been disposed.
Provides the default validation of roles.
The type encapsulating a role.
Creates a new instance of .
The used to provider error messages.
Validates a role as an asynchronous operation.
The managing the role store.
The role to validate.
A that represents the of the asynchronous validation.
Options for configuring sign in.
Gets or sets a flag indicating whether a confirmed email address is required to sign in. Defaults to false.
True if a user must have a confirmed email address before they can sign in, otherwise false.
Gets or sets a flag indicating whether a confirmed telephone number is required to sign in. Defaults to false.
True if a user must have a confirmed telephone number before they can sign in, otherwise false.
Gets or sets a flag indicating whether a confirmed account is required to sign in. Defaults to false.
True if a user must have a confirmed account before they can sign in, otherwise false.
Represents the result of a sign-in operation.
Returns a flag indication whether the sign-in was successful.
True if the sign-in was successful, otherwise false.
Returns a flag indication whether the user attempting to sign-in is locked out.
True if the user attempting to sign-in is locked out, otherwise false.
Returns a flag indication whether the user attempting to sign-in is not allowed to sign-in.
True if the user attempting to sign-in is not allowed to sign-in, otherwise false.
Returns a flag indication whether the user attempting to sign-in requires two factor authentication.
True if the user attempting to sign-in requires two factor authentication, otherwise false.
Returns a that represents a successful sign-in.
A that represents a successful sign-in.
Returns a that represents a failed sign-in.
A that represents a failed sign-in.
Returns a that represents a sign-in attempt that failed because
the user was locked out.
A that represents sign-in attempt that failed due to the
user being locked out.
Returns a that represents a sign-in attempt that failed because
the user is not allowed to sign-in.
A that represents sign-in attempt that failed due to the
user is not allowed to sign-in.
Returns a that represents a sign-in attempt that needs two-factor
authentication.
A that represents sign-in attempt that needs two-factor
authentication.
Converts the value of the current object to its equivalent string representation.
A string representation of value of the current object.
Used for store specific options
If set to a positive number, the default OnModelCreating will use this value as the max length for any
properties used as keys, i.e. UserId, LoginProvider, ProviderKey.
If set to true, the store must protect all personally identifying data for a user.
This will be enforced by requiring the store to implement .
Options for user tokens.
Default token provider name used by email confirmation, password reset, and change email.
Default token provider name used by the email provider.
Default token provider name used by the phone provider.
Default token provider name used by the .
Will be used to construct UserTokenProviders with the key used as the providerName.
Gets or sets the token provider used to generate tokens used in account confirmation emails.
The used to generate tokens used in account confirmation emails.
Gets or sets the used to generate tokens used in password reset emails.
The used to generate tokens used in password reset emails.
Gets or sets the used to generate tokens used in email change confirmation emails.
The used to generate tokens used in email change confirmation emails.
Gets or sets the used to generate tokens used when changing phone numbers.
The used to generate tokens used when changing phone numbers.
Gets or sets the used to validate two factor sign ins with an authenticator.
The used to validate two factor sign ins with an authenticator.
Gets or sets the issuer used for the authenticator issuer.
Used to represents a token provider in 's TokenMap.
Initializes a new instance of the class.
The concrete type for this token provider.
The type that will be used for this token provider.
If specified, the instance to be used for the token provider.
Represents a token provider that generates time-based codes using the user's security stamp.
The type encapsulating a user.
Generates a token for the specified and .
The purpose the token will be used for.
The that can be used to retrieve user properties.
The user a token should be generated for.
The that represents the asynchronous operation, containing the token for the specified
and .
The parameter allows a token generator to be used for multiple types of token whilst
insuring a token for one purpose cannot be used for another. For example if you specified a purpose of "Email"
and validated it with the same purpose a token with the purpose of TOTP would not pass the check even if it was
for the same user.
Implementations of should validate that purpose is not null or empty to
help with token separation.
Returns a flag indicating whether the specified is valid for the given
and .
The purpose the token will be used for.
The token to validate.
The that can be used to retrieve user properties.
The user a token should be validated for.
The that represents the asynchronous operation, containing the a flag indicating the result
of validating the for the specified and .
The task will return true if the token is valid, otherwise false.
Returns a constant, provider and user unique modifier used for entropy in generated tokens from user information.
The purpose the token will be generated for.
The that can be used to retrieve user properties.
The user a token should be generated for.
The that represents the asynchronous operation, containing a constant modifier for the specified
and .
Returns a flag indicating whether the token provider can generate a token suitable for two-factor authentication token for
the specified .
The that can be used to retrieve user properties.
The user a token could be generated for.
The that represents the asynchronous operation, containing the a flag indicating if a two
factor token could be generated by this provider for the specified .
The task will return true if a two-factor authentication token could be generated, otherwise false.
Implements by converting keys to their upper cased invariant culture representation.
Returns a normalized representation of the specified .
The key to normalize.
A normalized representation of the specified .
Returns a normalized representation of the specified .
The email to normalize.
A normalized representation of the specified .
Provides methods to create a claims principal for a given user.
The type used to represent a user.
Initializes a new instance of the class.
The to retrieve user information from.
The configured .
Gets the for this factory.
The current for this factory instance.
Gets the for this factory.
The current for this factory instance.
Creates a from an user asynchronously.
The user to create a from.
The that represents the asynchronous creation operation, containing the created .
Generate the claims for a user.
The user to create a from.
The that represents the asynchronous creation operation, containing the created .
Provides methods to create a claims principal for a given user.
The type used to represent a user.
The type used to represent a role.
Initializes a new instance of the class.
The to retrieve user information from.
The to retrieve a user's roles from.
The configured .
Gets the for this factory.
The current for this factory instance.
Generate the claims for a user.
The user to create a from.
The that represents the asynchronous creation operation, containing the created .
Represents login information and source for a user record.
Creates a new instance of
The provider associated with this login information.
The unique identifier for this user provided by the login provider.
The display name for this user provided by the login provider.
Gets or sets the provider for this instance of .
The provider for the this instance of
Examples of the provider may be Local, Facebook, Google, etc.
Gets or sets the unique identifier for the user identity user provided by the login provider.
The unique identifier for the user identity user provided by the login provider.
This would be unique per provider, examples may be @microsoft as a Twitter provider key.
Gets or sets the display name for the provider.
The display name for the provider.
Examples of the display name may be local, FACEBOOK, Google, etc.
Provides the APIs for managing user in a persistence store.
The type encapsulating a user.
The data protection purpose used for the reset password related methods.
The data protection purpose used for the change phone number methods.
The data protection purpose used for the email confirmation related methods.
The cancellation token used to cancel operations.
Constructs a new instance of .
The persistence store the manager will operate over.
The accessor used to access the .
The password hashing implementation to use when saving passwords.
A collection of to validate users against.
A collection of to validate passwords against.
The to use when generating index keys for users.
The used to provider error messages.
The used to resolve services.
The logger used to log messages, warnings and errors.
Gets or sets the persistence store the manager operates over.
The persistence store the manager operates over.
The used to log messages from the manager.
The used to log messages from the manager.
The used to hash passwords.
The used to validate users.
The used to validate passwords.
The used to normalize things like user and role names.
The used to generate error messages.
The used to configure Identity.
Gets a flag indicating whether the backing user store supports authentication tokens.
true if the backing user store supports authentication tokens, otherwise false.
Gets a flag indicating whether the backing user store supports a user authenticator.
true if the backing user store supports a user authenticator, otherwise false.
Gets a flag indicating whether the backing user store supports recovery codes.
true if the backing user store supports a user authenticator, otherwise false.
Gets a flag indicating whether the backing user store supports two factor authentication.
true if the backing user store supports user two factor authentication, otherwise false.
Gets a flag indicating whether the backing user store supports user passwords.
true if the backing user store supports user passwords, otherwise false.
Gets a flag indicating whether the backing user store supports security stamps.
true if the backing user store supports user security stamps, otherwise false.
Gets a flag indicating whether the backing user store supports user roles.
true if the backing user store supports user roles, otherwise false.
Gets a flag indicating whether the backing user store supports external logins.
true if the backing user store supports external logins, otherwise false.
Gets a flag indicating whether the backing user store supports user emails.
true if the backing user store supports user emails, otherwise false.
Gets a flag indicating whether the backing user store supports user telephone numbers.
true if the backing user store supports user telephone numbers, otherwise false.
Gets a flag indicating whether the backing user store supports user claims.
true if the backing user store supports user claims, otherwise false.
Gets a flag indicating whether the backing user store supports user lock-outs.
true if the backing user store supports user lock-outs, otherwise false.
Gets a flag indicating whether the backing user store supports returning
collections of information.
true if the backing user store supports returning collections of
information, otherwise false.
Returns an IQueryable of users if the store is an IQueryableUserStore
Releases all resources used by the user manager.
Returns the Name claim value if present otherwise returns null.
The instance.
The Name claim value, or null if the claim is not present.
The Name claim is identified by .
Returns the User ID claim value if present otherwise returns null.
The instance.
The User ID claim value, or null if the claim is not present.
The User ID claim is identified by .
Returns the user corresponding to the IdentityOptions.ClaimsIdentity.UserIdClaimType claim in
the principal or null.
The principal which contains the user id claim.
The user corresponding to the IdentityOptions.ClaimsIdentity.UserIdClaimType claim in
the principal or null
Generates a value suitable for use in concurrency tracking.
The user to generate the stamp for.
The that represents the asynchronous operation, containing the security
stamp for the specified .
Creates the specified in the backing store with no password,
as an asynchronous operation.
The user to create.
The that represents the asynchronous operation, containing the
of the operation.
Updates the specified in the backing store.
The user to update.
The that represents the asynchronous operation, containing the
of the operation.
Deletes the specified from the backing store.
The user to delete.
The that represents the asynchronous operation, containing the
of the operation.
Finds and returns a user, if any, who has the specified .
The user ID to search for.
The that represents the asynchronous operation, containing the user matching the specified if it exists.
Finds and returns a user, if any, who has the specified user name.
The user name to search for.
The that represents the asynchronous operation, containing the user matching the specified if it exists.
Creates the specified in the backing store with given password,
as an asynchronous operation.
The user to create.
The password for the user to hash and store.
The that represents the asynchronous operation, containing the
of the operation.
Normalize user or role name for consistent comparisons.
The name to normalize.
A normalized value representing the specified .
Normalize email for consistent comparisons.
The email to normalize.
A normalized value representing the specified .
Updates the normalized user name for the specified .
The user whose user name should be normalized and updated.
The that represents the asynchronous operation.
Gets the user name for the specified .
The user whose name should be retrieved.
The that represents the asynchronous operation, containing the name for the specified .
Sets the given for the specified .
The user whose name should be set.
The user name to set.
The that represents the asynchronous operation.
Gets the user identifier for the specified .
The user whose identifier should be retrieved.
The that represents the asynchronous operation, containing the identifier for the specified .
Returns a flag indicating whether the given is valid for the
specified .
The user whose password should be validated.
The password to validate
The that represents the asynchronous operation, containing true if
the specified matches the one store for the ,
otherwise false.
Gets a flag indicating whether the specified has a password.
The user to return a flag for, indicating whether they have a password or not.
The that represents the asynchronous operation, returning true if the specified has a password
otherwise false.
Adds the to the specified only if the user
does not already have a password.
The user whose password should be set.
The password to set.
The that represents the asynchronous operation, containing the
of the operation.
Changes a user's password after confirming the specified is correct,
as an asynchronous operation.
The user whose password should be set.
The current password to validate before changing.
The new password to set for the specified .
The that represents the asynchronous operation, containing the
of the operation.
Removes a user's password.
The user whose password should be removed.
The that represents the asynchronous operation, containing the
of the operation.
Returns a indicating the result of a password hash comparison.
The store containing a user's password.
The user whose password should be verified.
The password to verify.
The that represents the asynchronous operation, containing the
of the operation.
Get the security stamp for the specified .
The user whose security stamp should be set.
The that represents the asynchronous operation, containing the security stamp for the specified .
Regenerates the security stamp for the specified .
The user whose security stamp should be regenerated.
The that represents the asynchronous operation, containing the
of the operation.
Regenerating a security stamp will sign out any saved login for the user.
Generates a password reset token for the specified , using
the configured password reset token provider.
The user to generate a password reset token for.
The that represents the asynchronous operation,
containing a password reset token for the specified .
Resets the 's password to the specified after
validating the given password reset .
The user whose password should be reset.
The password reset token to verify.
The new password to set if reset token verification succeeds.
The that represents the asynchronous operation, containing the
of the operation.
Retrieves the user associated with the specified external login provider and login provider key.
The login provider who provided the .
The key provided by the to identify a user.
The for the asynchronous operation, containing the user, if any which matched the specified login provider and key.
Attempts to remove the provided external login information from the specified .
and returns a flag indicating whether the removal succeed or not.
The user to remove the login information from.
The login provide whose information should be removed.
The key given by the external login provider for the specified user.
The that represents the asynchronous operation, containing the
of the operation.
Adds an external to the specified .
The user to add the login to.
The external to add to the specified .
The that represents the asynchronous operation, containing the
of the operation.
Retrieves the associated logins for the specified .
The user whose associated logins to retrieve.
The for the asynchronous operation, containing a list of for the specified , if any.
Adds the specified to the .
The user to add the claim to.
The claim to add.
The that represents the asynchronous operation, containing the
of the operation.
Adds the specified to the .
The user to add the claim to.
The claims to add.
The that represents the asynchronous operation, containing the
of the operation.
Replaces the given on the specified with the
The user to replace the claim on.
The claim to replace.
The new claim to replace the existing with.
The that represents the asynchronous operation, containing the
of the operation.
Removes the specified from the given .
The user to remove the specified from.
The to remove.
The that represents the asynchronous operation, containing the
of the operation.
Removes the specified from the given .
The user to remove the specified from.
A collection of s to remove.
The that represents the asynchronous operation, containing the
of the operation.
Gets a list of s to be belonging to the specified as an asynchronous operation.
The user whose claims to retrieve.
A that represents the result of the asynchronous query, a list of s.
Add the specified to the named role.
The user to add to the named role.
The name of the role to add the user to.
The that represents the asynchronous operation, containing the
of the operation.
Add the specified to the named roles.
The user to add to the named roles.
The name of the roles to add the user to.
The that represents the asynchronous operation, containing the
of the operation.
Removes the specified from the named role.
The user to remove from the named role.
The name of the role to remove the user from.
The that represents the asynchronous operation, containing the
of the operation.
Removes the specified from the named roles.
The user to remove from the named roles.
The name of the roles to remove the user from.
The that represents the asynchronous operation, containing the
of the operation.
Gets a list of role names the specified belongs to.
The user whose role names to retrieve.
The that represents the asynchronous operation, containing a list of role names.
Returns a flag indicating whether the specified is a member of the given named role.
The user whose role membership should be checked.
The name of the role to be checked.
The that represents the asynchronous operation, containing a flag indicating whether the specified is
a member of the named role.
Gets the email address for the specified .
The user whose email should be returned.
The task object containing the results of the asynchronous operation, the email address for the specified .
Sets the address for a .
The user whose email should be set.
The email to set.
The that represents the asynchronous operation, containing the
of the operation.
Gets the user, if any, associated with the normalized value of the specified email address.
Note: Its recommended that identityOptions.User.RequireUniqueEmail be set to true when using this method, otherwise
the store may throw if there are users with duplicate emails.
The email address to return the user for.
The task object containing the results of the asynchronous lookup operation, the user, if any, associated with a normalized value of the specified email address.
Updates the normalized email for the specified .
The user whose email address should be normalized and updated.
The task object representing the asynchronous operation.
Generates an email confirmation token for the specified user.
The user to generate an email confirmation token for.
The that represents the asynchronous operation, an email confirmation token.
Validates that an email confirmation token matches the specified .
The user to validate the token against.
The email confirmation token to validate.
The that represents the asynchronous operation, containing the
of the operation.
Gets a flag indicating whether the email address for the specified has been verified, true if the email address is verified otherwise
false.
The user whose email confirmation status should be returned.
The task object containing the results of the asynchronous operation, a flag indicating whether the email address for the specified
has been confirmed or not.
Generates an email change token for the specified user.
The user to generate an email change token for.
The new email address.
The that represents the asynchronous operation, an email change token.
Updates a users emails if the specified email change is valid for the user.
The user whose email should be updated.
The new email address.
The change email token to be verified.
The that represents the asynchronous operation, containing the
of the operation.
Gets the telephone number, if any, for the specified .
The user whose telephone number should be retrieved.
The that represents the asynchronous operation, containing the user's telephone number, if any.
Sets the phone number for the specified .
The user whose phone number to set.
The phone number to set.
The that represents the asynchronous operation, containing the
of the operation.
Sets the phone number for the specified if the specified
change is valid.
The user whose phone number to set.
The phone number to set.
The phone number confirmation token to validate.
The that represents the asynchronous operation, containing the
of the operation.
Gets a flag indicating whether the specified 's telephone number has been confirmed.
The user to return a flag for, indicating whether their telephone number is confirmed.
The that represents the asynchronous operation, returning true if the specified has a confirmed
telephone number otherwise false.
Generates a telephone number change token for the specified user.
The user to generate a telephone number token for.
The new phone number the validation token should be sent to.
The that represents the asynchronous operation, containing the telephone change number token.
Returns a flag indicating whether the specified 's phone number change verification
token is valid for the given .
The user to validate the token against.
The telephone number change token to validate.
The telephone number the token was generated for.
The that represents the asynchronous operation, returning true if the
is valid, otherwise false.
Returns a flag indicating whether the specified is valid for
the given and .
The user to validate the token against.
The token provider used to generate the token.
The purpose the token should be generated for.
The token to validate
The that represents the asynchronous operation, returning true if the
is valid, otherwise false.
Generates a token for the given and .
The purpose the token will be for.
The user the token will be for.
The provider which will generate the token.
The that represents result of the asynchronous operation, a token for
the given user and purpose.
Registers a token provider.
The name of the provider to register.
The provider to register.
Gets a list of valid two factor token providers for the specified ,
as an asynchronous operation.
The user the whose two factor authentication providers will be returned.
The that represents result of the asynchronous operation, a list of two
factor authentication providers for the specified user.
Verifies the specified two factor authentication against the .
The user the token is supposed to be for.
The provider which will verify the token.
The token to verify.
The that represents result of the asynchronous operation, true if the token is valid,
otherwise false.
Gets a two factor authentication token for the specified .
The user the token is for.
The provider which will generate the token.
The that represents result of the asynchronous operation, a two factor authentication token
for the user.
Returns a flag indicating whether the specified has two factor authentication enabled or not,
as an asynchronous operation.
The user whose two factor authentication enabled status should be retrieved.
The that represents the asynchronous operation, true if the specified
has two factor authentication enabled, otherwise false.
Sets a flag indicating whether the specified has two factor authentication enabled or not,
as an asynchronous operation.
The user whose two factor authentication enabled status should be set.
A flag indicating whether the specified has two factor authentication enabled.
The that represents the asynchronous operation, the of the operation
Returns a flag indicating whether the specified is locked out,
as an asynchronous operation.
The user whose locked out status should be retrieved.
The that represents the asynchronous operation, true if the specified
is locked out, otherwise false.
Sets a flag indicating whether the specified is locked out,
as an asynchronous operation.
The user whose locked out status should be set.
Flag indicating whether the user is locked out or not.
The that represents the asynchronous operation, the of the operation
Retrieves a flag indicating whether user lockout can be enabled for the specified user.
The user whose ability to be locked out should be returned.
The that represents the asynchronous operation, true if a user can be locked out, otherwise false.
Gets the last a user's last lockout expired, if any.
A time value in the past indicates a user is not currently locked out.
The user whose lockout date should be retrieved.
A that represents the lookup, a containing the last time a user's lockout expired, if any.
Locks out a user until the specified end date has passed. Setting a end date in the past immediately unlocks a user.
The user whose lockout date should be set.
The after which the 's lockout should end.
The that represents the asynchronous operation, containing the of the operation.
Increments the access failed count for the user as an asynchronous operation.
If the failed access account is greater than or equal to the configured maximum number of attempts,
the user will be locked out for the configured lockout time span.
The user whose failed access count to increment.
The that represents the asynchronous operation, containing the of the operation.
Resets the access failed count for the specified .
The user whose failed access count should be reset.
The that represents the asynchronous operation, containing the of the operation.
Retrieves the current number of failed accesses for the given .
The user whose access failed count should be retrieved for.
The that contains the result the asynchronous operation, the current failed access count
for the user.
Returns a list of users from the user store who have the specified .
The claim to look for.
A that represents the result of the asynchronous query, a list of s who
have the specified claim.
Returns a list of users from the user store who are members of the specified .
The name of the role whose users should be returned.
A that represents the result of the asynchronous query, a list of s who
are members of the specified role.
Returns an authentication token for a user.
The authentication scheme for the provider the token is associated with.
The name of the token.
The authentication token for a user
Sets an authentication token for a user.
The authentication scheme for the provider the token is associated with.
The name of the token.
The value of the token.
Whether the user was successfully updated.
Remove an authentication token for a user.
The authentication scheme for the provider the token is associated with.
The name of the token.
Whether a token was removed.
Returns the authenticator key for the user.
The user.
The authenticator key
Resets the authenticator key for the user.
The user.
Whether the user was successfully updated.
Generates a new base32 encoded 160-bit security secret (size of SHA1 hash).
The new security secret.
Generates recovery codes for the user, this invalidates any previous recovery codes for the user.
The user to generate recovery codes for.
The number of codes to generate.
The new recovery codes for the user. Note: there may be less than number returned, as duplicates will be removed.
Generate a new recovery code.
Returns whether a recovery code is valid for a user. Note: recovery codes are only valid
once, and will be invalid after use.
The user who owns the recovery code.
The recovery code to use.
True if the recovery code was found for the user.
Returns how many recovery code are still valid for a user.
The user.
How many recovery code are still valid for a user.
Releases the unmanaged resources used by the role manager and optionally releases the managed resources.
true to release both managed and unmanaged resources; false to release only unmanaged resources.
Creates bytes to use as a security token from the user's security stamp.
The user.
The security token bytes.
Updates a user's password hash.
The user.
The new password.
Whether to validate the password.
Whether the password has was successfully updated.
Generates the token purpose used to change email.
The new email address.
The token purpose.
Should return if validation is successful. This is
called before saving the user via Create or Update.
The user
A representing whether validation was successful.
Should return if validation is successful. This is
called before updating the password hash.
The user.
The password.
A representing whether validation was successful.
Called to update the user after validating and updating the normalized email/user name.
The user.
Whether the operation was successful.
Throws if this class has been disposed.
Options for user validation.
Gets or sets the list of allowed characters in the username used to validate user names. Defaults to abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._@+
The list of allowed characters in the username used to validate user names.
Gets or sets a flag indicating whether the application requires unique emails for its users. Defaults to false.
True if the application requires each user to have their own, unique email, otherwise false.
Provides validation services for user classes.
The type encapsulating a user.
Creates a new instance of .
The used to provider error messages.
Gets the used to provider error messages for the current .
The used to provider error messages for the current .
Validates the specified as an asynchronous operation.
The that can be used to retrieve user properties.
The user to validate.
The that represents the asynchronous operation, containing the of the validation operation.
Contains extension methods to for configuring identity services.
Adds and configures the identity system for the specified User type. Role services are not added
by default but can be added with .
The type representing a User in the system.
The services available in the application.
An for creating and configuring the identity system.
Adds and configures the identity system for the specified User type. Role services are not added by default
but can be added with .
The type representing a User in the system.
The services available in the application.
An action to configure the .
An for creating and configuring the identity system.
Optimistic concurrency failure, object has been modified.
An unknown failure has occurred.
Email '{0}' is already taken.
Email '{0}' is already taken.
Role name '{0}' is already taken.
Role name '{0}' is already taken.
Username '{0}' is already taken.
Username '{0}' is already taken.
Email '{0}' is invalid.
Email '{0}' is invalid.
Type {0} must derive from {1}<{2}>.
Type {0} must derive from {1}<{2}>.
The provided PasswordHasherCompatibilityMode is invalid.
The iteration count must be a positive integer.
Role name '{0}' is invalid.
Role name '{0}' is invalid.
Invalid token.
Username '{0}' is invalid, can only contain letters or digits.
Username '{0}' is invalid, can only contain letters or digits.
A user with this login already exists.
AddIdentity must be called on the service collection.
No IUserTwoFactorTokenProvider<{0}> named '{1}' is registered.
No IUserTwoFactorTokenProvider<{0}> named '{1}' is registered.
User security stamp cannot be null.
Incorrect password.
Passwords must have at least one digit ('0'-'9').
Passwords must have at least one lowercase ('a'-'z').
Passwords must have at least one non alphanumeric character.
Passwords must have at least one uppercase ('A'-'Z').
Passwords must be at least {0} characters.
Passwords must be at least {0} characters.
Role {0} does not exist.
Role {0} does not exist.
Store does not implement IQueryableRoleStore<TRole>.
Store does not implement IQueryableUserStore<TUser>.
Store does not implement IRoleClaimStore<TRole>.
Store does not implement IUserAuthenticationTokenStore<User>.
Store does not implement IUserClaimStore<TUser>.
Store does not implement IUserConfirmationStore<TUser>.
Store does not implement IUserEmailStore<TUser>.
Store does not implement IUserLockoutStore<TUser>.
Store does not implement IUserLoginStore<TUser>.
Store does not implement IUserPasswordStore<TUser>.
Store does not implement IUserPhoneNumberStore<TUser>.
Store does not implement IUserRoleStore<TUser>.
Store does not implement IUserSecurityStampStore<TUser>.
Store does not implement IUserAuthenticatorKeyStore<User>.
Store does not implement IUserTwoFactorStore<TUser>.
Recovery code redemption failed.
User already has a password set.
User already in role '{0}'.
User already in role '{0}'.
User is locked out.
Lockout is not enabled for this user.
User {0} does not exist.
User {0} does not exist.
User is not in role '{0}'.
User is not in role '{0}'.
Store does not implement IUserTwoFactorRecoveryCodeStore<User>.
Passwords must use at least {0} different characters.
Passwords must use at least {0} different characters.
No RoleType was specified, try AddRoles<TRole>().
Store does not implement IProtectedUserStore<TUser> which is required when ProtectPersonalData = true.
No IPersonalDataProtector service was registered, this is required when ProtectPersonalData = true.
Claims related extensions for .
Returns the value for the first claim of the specified type, otherwise null if the claim is not present.
The instance this method extends.
The claim type whose first value should be returned.
The value of the first instance of the specified claim type, or null if the claim is not present.