SharePoint : Get User’s login name from claims encoded value

There are sometimes scenarios where we have to get user’s login name and we have only claims encoded value (like this i:0#.w|domain\username or i:0#.f|membershipprovider| In SharePoint 2013 / 2010, there is SPClaimProviderManager class available which can decode the claims and provide user’s login name.

I have created a method, which accepts claims encoded value as parameter and returns user’s login name (only if claims are resolved properly).

private string GetUsernameFromClaim(string claimsEncodedUsername)
 SPClaimProviderManager mgr = SPClaimProviderManager.Local;
 if (mgr != null)
 if (SPClaimProviderManager.IsEncodedClaim(claimsEncodedUsername))
 // return the normal domain\username without any claims identification data
 return mgr.DecodeClaim(claimsEncodedUsername).Value;
 catch (Exception ex)
 return claimsEncodedUsername; // Or just return the original username.

 // Return the original username value if it couldn't be resolved as a claims username
 return claimsEncodedUsername;

Note : Add namespace “Microsoft.SharePoint.Administration.Claims” to use above class.

Read user claims information in SharePoint 2013

In this article, we will see how to read user claims in SharePoint 2013. For this I have prepared one httphandler, which will read the claims information of current logged in user (authentication type windows, forms or third party trusted provider).

using Microsoft.IdentityModel.Claims;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration.Claims;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Text;
using System.Threading.Tasks;
using System.Web;

namespace SSONamespace
    class SSOAuthenticationExample : IHttpModule
        public void Init(HttpApplication context)
            context.PreRequestHandlerExecute += new EventHandler(context_PreRequestHandlerExecute);

        void context_PreRequestHandlerExecute(object sender, EventArgs e)
            string requestUrl = HttpContext.Current.Request.Url.ToString();
            IClaimsIdentity ci = (IClaimsIdentity)HttpContext.Current.User.Identity;
            List<Claim> claimCollection = ci.Claims.OfType<Claim>().Select(x => x).ToList();

	/*Uncomment these lines to see all claims entries */
            //string text = string.Empty;
            //foreach (Claim item in ci.Claims)
            //    text += item.ClaimType + " : " + item.Value + " | ";

            //System.IO.File.WriteAllText(@"C:\SSOClaims.txt", text);
		//fetch information from claims
            string userName = claimCollection.Where(x => x.ClaimType.ToLower().Contains("userid")).Select(y => y.Value).FirstOrDefault();

        public void Dispose() { }


Now deploy this code and add below entry in web.config file of web application :

    <add name="SSONamespaceModule" type="SSONamespace.SSOAuthenticationExample , SSONamespace, Version=, Culture=neutral, PublicKeyToken=3af8d8e2f9e8b6c3"  precondition="integratedmode" />

Note : Replace PublicKeyToken value from your own project’s PublicKeyToken