CookieAuthenticationOptions Class

Reference

Definition

Namespace:: Microsoft.AspNetCore.Authentication.Cookies

Assembly:: Microsoft.AspNetCore.Authentication.Cookies.dll

Package:: Microsoft.AspNetCore.Authentication.Cookies v2.0.0

Package:: Microsoft.AspNetCore.Authentication.Cookies v2.1.0

Package:: Microsoft.AspNetCore.Authentication.Cookies v2.2.0

Package:: Microsoft.AspNetCore.App.Ref v3.0.1

Package:: Microsoft.AspNetCore.App.Ref v3.1.10

Package:: Microsoft.AspNetCore.App.Ref v5.0.0

Package:: Microsoft.AspNetCore.App.Ref v6.0.6

Package:: Microsoft.AspNetCore.App.Ref v7.0.5

Package:: Microsoft.AspNetCore.App.Ref v8.0.0

Package:: Microsoft.AspNetCore.App.Ref v9.0.0-rc.2.24474.3

Source:: CookieAuthenticationOptions.cs

Source:: CookieAuthenticationOptions.cs

Source:: CookieAuthenticationOptions.cs

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Configuration options for CookieAuthenticationOptions.

public ref class CookieAuthenticationOptions : Microsoft::AspNetCore::Authentication::AuthenticationSchemeOptions

public class CookieAuthenticationOptions : Microsoft.AspNetCore.Authentication.AuthenticationSchemeOptions

type CookieAuthenticationOptions = class
    inherit AuthenticationSchemeOptions

Public Class CookieAuthenticationOptions
Inherits AuthenticationSchemeOptions

Inheritance: Object

AuthenticationSchemeOptions
CookieAuthenticationOptions

Constructors

CookieAuthenticationOptions()

Create an instance of the options initialized with the default values

Properties

AccessDeniedPath	The AccessDeniedPath property is used by the handler for the redirection target when handling ForbidAsync.
ClaimsIssuer	Gets or sets the issuer that should be used for any claims that are created (Inherited from AuthenticationSchemeOptions)
Cookie	Determines the settings used to create the cookie.
CookieDomain	Obsolete. This property is obsolete and will be removed in a future version. The recommended alternative is on Cookie. Determines the domain used to create the cookie. Is not provided by default.
CookieHttpOnly	Obsolete. Obsolete. This property is obsolete and will be removed in a future version. The recommended alternative is on Cookie. Determines if the browser should allow the cookie to be accessed by client-side javascript. The default is true, which means the cookie will only be passed to http requests and is not made available to script on the page.
CookieManager	The component used to get cookies from the request or set them on the response. ChunkingCookieManager will be used by default.
CookieName	Obsolete. Obsolete. This property is obsolete and will be removed in a future version. The recommended alternative is on Cookie. Determines the cookie name used to persist the identity. The default value is ".AspNetCore.Cookies". This value should be changed if you change the name of the AuthenticationScheme, especially if your system uses the cookie authentication handler multiple times.
CookiePath	Obsolete. This property is obsolete and will be removed in a future version. The recommended alternative is on Cookie. Determines the path used to create the cookie. The default value is "/" for highest browser compatibility.
CookieSecure	Obsolete. This property is obsolete and will be removed in a future version. The recommended alternative is on Cookie. Determines if the cookie should only be transmitted on HTTPS request. The default is to limit the cookie to HTTPS requests if the page which is doing the SignIn is also HTTPS. If you have an HTTPS sign in page and portions of your site are HTTP you may need to change this value.
DataProtectionProvider	If set this will be used by the CookieAuthenticationHandler for data protection.
Events	The Provider may be assigned to an instance of an object created by the application at startup time. The handler calls methods on the provider which give the application control at certain points where processing is occurring. If it is not provided a default instance is supplied which does nothing when the methods are called.
EventsType	If set, will be used as the service type to get the Events instance instead of the property. (Inherited from AuthenticationSchemeOptions)
ExpireTimeSpan	Controls how much time the authentication ticket stored in the cookie will remain valid from the point it is created. The expiration information is stored in the protected cookie ticket. Because of that an expired cookie will be ignored even if it is passed to the server after the browser should have purged it. This is separate from the value of Expires, which specifies how long the browser will keep the cookie.
ForwardAuthenticate	If set, this specifies the target scheme that this scheme should forward AuthenticateAsync calls to. For example Context.AuthenticateAsync("ThisScheme") => Context.AuthenticateAsync("ForwardAuthenticateValue"); Set the target to the current scheme to disable forwarding and allow normal processing. (Inherited from AuthenticationSchemeOptions)
ForwardChallenge	If set, this specifies the target scheme that this scheme should forward ChallengeAsync calls to. For example Context.ChallengeAsync("ThisScheme") => Context.ChallengeAsync("ForwardChallengeValue"); Set the target to the current scheme to disable forwarding and allow normal processing. (Inherited from AuthenticationSchemeOptions)
ForwardDefault	If set, this specifies a default scheme that authentication handlers should forward all authentication operations to by default. The default forwarding logic will check the most specific ForwardAuthenticate/Challenge/Forbid/SignIn/SignOut setting first, followed by checking the ForwardDefaultSelector, followed by ForwardDefault. The first non null result will be used as the target scheme to forward to. (Inherited from AuthenticationSchemeOptions)
ForwardDefaultSelector	Used to select a default scheme for the current request that authentication handlers should forward all authentication operations to by default. The default forwarding logic will check the most specific ForwardAuthenticate/Challenge/Forbid/SignIn/SignOut setting first, followed by checking the ForwardDefaultSelector, followed by ForwardDefault. The first non null result will be used as the target scheme to forward to. (Inherited from AuthenticationSchemeOptions)
ForwardForbid	If set, this specifies the target scheme that this scheme should forward ForbidAsync calls to. For example Context.ForbidAsync("ThisScheme") => Context.ForbidAsync("ForwardForbidValue"); Set the target to the current scheme to disable forwarding and allow normal processing. (Inherited from AuthenticationSchemeOptions)
ForwardSignIn	If set, this specifies the target scheme that this scheme should forward SignInAsync calls to. For example Context.SignInAsync("ThisScheme") => Context.SignInAsync("ForwardSignInValue"); Set the target to the current scheme to disable forwarding and allow normal processing. (Inherited from AuthenticationSchemeOptions)
ForwardSignOut	If set, this specifies the target scheme that this scheme should forward SignOutAsync calls to. For example Context.SignOutAsync("ThisScheme") => Context.SignOutAsync("ForwardSignOutValue"); Set the target to the current scheme to disable forwarding and allow normal processing. (Inherited from AuthenticationSchemeOptions)
LoginPath	The LoginPath property is used by the handler for the redirection target when handling ChallengeAsync. The current url which is added to the LoginPath as a query string parameter named by the ReturnUrlParameter. Once a request to the LoginPath grants a new SignIn identity, the ReturnUrlParameter value is used to redirect the browser back to the original url.
LogoutPath	If the LogoutPath is provided the handler then a request to that path will redirect based on the ReturnUrlParameter.
ReturnUrlParameter	The ReturnUrlParameter determines the name of the query string parameter which is appended by the handler during a Challenge. This is also the query string parameter looked for when a request arrives on the login path or logout path, in order to return to the original url after the action is performed.
SessionStore	An optional container in which to store the identity across requests. When used, only a session identifier is sent to the client. This can be used to mitigate potential problems with very large identities.
SlidingExpiration	The SlidingExpiration is set to true to instruct the handler to re-issue a new cookie with a new expiration time any time it processes a request which is more than halfway through the expiration window.
TicketDataFormat	The TicketDataFormat is used to protect and unprotect the identity and other properties which are stored in the cookie value. If not provided one will be created using DataProtectionProvider.
TimeProvider	Used for testing. (Inherited from AuthenticationSchemeOptions)

Methods

Validate()	Check that the options are valid. Should throw an exception if things are not ok. (Inherited from AuthenticationSchemeOptions)
Validate(String)	Checks that the options are valid for a specific scheme (Inherited from AuthenticationSchemeOptions)

Applies to

Share via