Examine User Identity and Claims from Visual Studio Debugger

When debugging a claims-aware application (you ARE using claims, aren’t you?), sometimes it is useful to answer the question “which user is logged in (if any) and (if so) which claims are associated with said user.”

Assuming you are using Visual Studio and .NET 4.5, the simple solution is to add the following to one of your Visual Studio Watch windows:


[If you happen to be debugging ASP.NET code, you could save a little typing and instead add User to your Watch window. User should have the same value as the CurrentPrincipal in the context of ASP.NET. For ASP.NET WebForms User is a property of the Page class (Page.User), while for ASP.NET MVC User is a property of both the Controller class (Controller.User) and the HttpContext class (HttpContext.User).]

Drill in, and you will see something like the following:


If you then right-click on the Results View entry under Claims (the one that says “Expanding the Results View will enumerate the IEnumerable”) and, uhh, click on that entry to expand the results view, you will see all the claims.

In my case, some claims were flowing through Windows Azure Access Control Service (ACS), and these list the ACS namespace as the Issuer. Other claims were added at runtime by my code using a ClaimsAuthenticationManager module, and these list LOCAL AUTHORITY as the Issuer.


Alternatively, you can add the more complex direct expression to your Watch window – using the cast to coerce the right values:


This will also do the job – with a little less drilling.


1 thought on “Examine User Identity and Claims from Visual Studio Debugger

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.