What do the SignInOptions do?

David Thielen 2,421 Reputation points
2023-04-24T22:56:46.68+00:00

When starting I can call

builder.Services.Configure<IdentityOptions>(options =>
        {
            options.SignIn.
            options.SignIn.RequireConfirmedEmail = true;
            options.SignIn.RequireConfirmedPhoneNumber = true;
        });
  1. What does RequireConfirmedAccount == true mean? What is its impact?
  2. I assume that the other two mean you can't log in until you've confirmed. Correct?
  3. Does the Identity code do anything if RequireConfirmedPhoneNumber == true? If so, what? If not, what do I need to do to help the user confirm their phone? thanks - dave
ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,283 questions
{count} votes

Accepted answer
  1. AgaveJoe 26,671 Reputation points
    2023-04-25T13:35:06.6733333+00:00

    What does RequireConfirmedAccount == true mean? What is its impact?

    Core is open source. I feel reading the code is the easiest way to figure out what's going on.

    namespace Microsoft.AspNetCore.Identity;
    
    /// <summary>
    /// Options for configuring sign in.
    /// </summary>
    public class SignInOptions
    {
        /// <summary>
        /// Gets or sets a flag indicating whether a confirmed email address is required to sign in. Defaults to false.
        /// </summary>
        /// <value>True if a user must have a confirmed email address before they can sign in, otherwise false.</value>
        public bool RequireConfirmedEmail { get; set; }
    
        /// <summary>
        /// Gets or sets a flag indicating whether a confirmed telephone number is required to sign in. Defaults to false.
        /// </summary>
        /// <value>True if a user must have a confirmed telephone number before they can sign in, otherwise false.</value>
        public bool RequireConfirmedPhoneNumber { get; set; }
    
        /// <summary>
        /// Gets or sets a flag indicating whether a confirmed <see cref="IUserConfirmation{TUser}"/> account is required to sign in. Defaults to false.
        /// </summary>
        /// <value>True if a user must have a confirmed account before they can sign in, otherwise false.</value>
        public bool RequireConfirmedAccount { get; set; }
    }
    

    https://github.com/dotnet/aspnetcore/blob/main/src/Identity/Extensions.Core/src/SignInOptions.cs If you take a look at the Identity AspNetUsers table you'll see columns that correspond to the SignInOptions.

    Does the Identity code do anything if RequireConfirmedPhoneNumber == true? If so, what? If not, what do I need to do to help the user confirm their phone?

    The user cannot login if the phone number is not confirmed. Phone number confirmation can be accomplished over SMS. You need to a 3rd party SMS service to confirm the phone number.
    Two-factor authentication with SMS in ASP.NET Core


0 additional answers

Sort by: Most helpful