Azure / azure-signalr

Azure SignalR Service SDK for .NET

Home Page: https://aka.ms/signalr-service

OpenIdConnect Claims related 'AccessToken must not be longer than 4K' error

jaydgus opened this issue · comments

The Claims are being included in the JWT building despite the attempt to reduce them via `options.ClaimsProvider = context => new Claim[] { };`. We have an OAuth server and our app is using UseOpenIdConnectAuthentication.

I think the "MaxTokenLength" should be configurable and perhaps should not even be a worry since JWTs do not seem to have an official max length. I propose the following change to Microsoft.Azure.SignalR.Common\Auth\AuthUtility.cs:

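```csharp
// Cached limit; 0 means "not resolved yet".
private static int _maxTokenLength;

private static int MaxTokenLength
{
    get
    {
        // Return the cached value once it has been resolved.
        if (_maxTokenLength > 0)
        {
            return _maxTokenLength;
        }

        // Read the limit from appSettings when a parsable value is present.
        if (int.TryParse(System.Configuration.ConfigurationManager.AppSettings["Azure:SignalR:MaxTokenLength"], out _maxTokenLength))
        {
            return _maxTokenLength;
        }

        // Otherwise fall back to the current 4K default.
        return _maxTokenLength = 4096;
    }
}
```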

Project is .NET Framework 4.8, MVC

  • Your Azure SignalR SDK version: Microsoft.Azure.SignalR.AspNet: 1.25.1
  • Your Server ASPNETCORE version or Assembly version of Microsoft.AspNetCore.SignalR.Common: 5.0.17
  • Your SignalR Client SDK version: Microsoft.AspNet.SignalR: 2.4.3

Actually, Azure SignalR service has such a request length limit, so we add a precheck in the SDK to notify users about this error beforehand. `options.ClaimsProvider = context => new Claim[] { };` should work; otherwise it is a bug. I did a quick try and it looks like it is working fine. Could you share a minimal reproducible project with me?

Ok, well, this is a bit embarrassing. In my haste, I overlooked the fact that app.MapAzureSignalR() was being called twice in our Startup. The first one did not have the Claims edit, but the one I was focused on did. The first mapping took precedence making the second mapping ineffective. I didn't see it until I started refactoring the Startup to remove code smell. I guess that's a consistent philosophy: if you can't find something, it's time to start cleaning up.

I appreciate your time and the information!

Thanks for the updates.
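The resolution reached in this thread, as an added example that is not part of the original issue or the SDK's own code: a Startup with a single `MapAzureSignalR` registration whose `ClaimsProvider` forwards only an allow-list of claims instead of every OpenID Connect claim, which helps keep the access token under the 4K precheck. The allow-list contents, the `FilterClaims` helper, and the `IOwinContext`-based delegate shape are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using Owin;

public class Startup
{
    // Assumption: the only claims the hubs need. Everything else issued by
    // the OAuth server stays out of the SignalR access token.
    private static readonly HashSet<string> ForwardedClaimTypes =
        new HashSet<string>(StringComparer.Ordinal)
        {
            ClaimTypes.NameIdentifier,
            ClaimTypes.Name,
        };

    public void Configuration(IAppBuilder app)
    {
        // Authentication middleware (e.g. UseOpenIdConnectAuthentication)
        // is registered before this point.

        // Register Azure SignalR exactly once. As found in this thread, an
        // earlier MapAzureSignalR call without the claims edit took
        // precedence and made the later, filtered mapping ineffective.
        app.MapAzureSignalR(GetType().FullName, options =>
        {
            options.ClaimsProvider = context =>
                FilterClaims(context.Authentication.User);
        });
    }

    // Hypothetical helper: keeps only allow-listed claim types.
    internal static IEnumerable<Claim> FilterClaims(ClaimsPrincipal user)
    {
        if (user == null)
        {
            return Enumerable.Empty<Claim>();
        }

        return user.Claims
            .Where(c => ForwardedClaimTypes.Contains(c.Type))
            .ToList();
    }
}
```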