Should I store user data as claims or in a user profile table?
I am working on a public system that would ideally grow to a lot of traffic. This is all the work of C # .net.
I am using a claims based id, so I am currently using a user claims table to store user data, but as the user base grows, I feel it will get too slow to support traffic. I am thinking about the possibility of creating a custom profile table to store non-security data horizontally instead of vertically as in the claims table, leaving only the security data in the claims table.
Is this a reasonable approach to the problem? Can anyone share some knowledge with the experience they had with the script?
Update
My question is not about the size of the token JWT
passed with the user id. My question is strictly using the "UserClaim" table to store ALL user data in the form Claim
, not for UserProfile
or a similar table for storing certain things.
source to share
I would recommend storing data only in tokens that are used in authorization permissions, rather than bloating a token with user profile information.
Things like the timestamps between which the token is valid, the audience the token is for, the username, groups and roles for the user. See here for details .
Storing the profile information in a token will force your application to receive a new token if any of this information changes. Tokens are usually cached throughout their life so as not to swap them more often than necessary.
source to share