diff --git a/src/KeycloakIdentityModel/KeycloakIdentityModel.csproj b/src/KeycloakIdentityModel/KeycloakIdentityModel.csproj
index 6e81d1f..d11d778 100644
--- a/src/KeycloakIdentityModel/KeycloakIdentityModel.csproj
+++ b/src/KeycloakIdentityModel/KeycloakIdentityModel.csproj
@@ -69,6 +69,7 @@
     <Compile Include="Models\Configuration\IKeycloakSettings.cs" />
     <Compile Include="Extensions\DateTimeExtension.cs" />
     <Compile Include="Extensions\JwtSecurityTokenExtension.cs" />
+    <Compile Include="Models\EventArgs\OnAuthenticatedEventArgs.cs" />
     <Compile Include="Utilities\ClaimMapping\ClaimLookup.cs" />
     <Compile Include="Utilities\ClaimMapping\ClaimMappings.cs" />
     <Compile Include="Global.cs" />
diff --git a/src/KeycloakIdentityModel/Models/EventArgs/OnAuthenticatedEventArgs.cs b/src/KeycloakIdentityModel/Models/EventArgs/OnAuthenticatedEventArgs.cs
new file mode 100644
index 0000000..c0b86e9
--- /dev/null
+++ b/src/KeycloakIdentityModel/Models/EventArgs/OnAuthenticatedEventArgs.cs
@@ -0,0 +1,7 @@
+namespace KeycloakIdentityModel.Models.EventArgs
+{
+    public class OnAuthenticatedEventArgs: System.EventArgs
+    {
+        public string RedirectUri { get; set; }
+    }
+}
diff --git a/src/Owin.Security.Keycloak/Configuration/KeycloakAuthenticationOptions.cs b/src/Owin.Security.Keycloak/Configuration/KeycloakAuthenticationOptions.cs
index f691c11..17523c6 100644
--- a/src/Owin.Security.Keycloak/Configuration/KeycloakAuthenticationOptions.cs
+++ b/src/Owin.Security.Keycloak/Configuration/KeycloakAuthenticationOptions.cs
@@ -1,5 +1,7 @@
 using System;
 using KeycloakIdentityModel.Models.Configuration;
+using KeycloakIdentityModel.Models.EventArgs;
+using Microsoft.Owin;
 using Microsoft.Owin.Security;
 
 namespace Owin.Security.Keycloak
@@ -191,5 +193,10 @@ public KeycloakAuthenticationOptions()
 
         public string CallbackPath { get; set; }
         public string ResponseType { get; set; }
+
+        /// <summary>
+        ///     OPTIONAL: Triggers <see cref="Action"/> to fire after a successful authentication.
+        /// </summary>
+        public Action<IOwinContext, OnAuthenticatedEventArgs> OnAuthenticated { get; set; }
     }
 }
\ No newline at end of file
diff --git a/src/Owin.Security.Keycloak/Middleware/KeycloakAuthenticationHandler.cs b/src/Owin.Security.Keycloak/Middleware/KeycloakAuthenticationHandler.cs
index 9e24efb..cdfc737 100644
--- a/src/Owin.Security.Keycloak/Middleware/KeycloakAuthenticationHandler.cs
+++ b/src/Owin.Security.Keycloak/Middleware/KeycloakAuthenticationHandler.cs
@@ -8,6 +8,7 @@
 using System.Security.Claims;
 using System.Threading.Tasks;
 using KeycloakIdentityModel;
+using KeycloakIdentityModel.Models.EventArgs;
 using KeycloakIdentityModel.Models.Responses;
 using Microsoft.Owin;
 using Microsoft.Owin.Security;
@@ -79,14 +80,19 @@ stateData[Constants.CacheTypes.AuthenticationProperties] as AuthenticationProper
                     var kcIdentity =
                         await KeycloakIdentity.ConvertFromAuthResponseAsync(Options, authResult, Request.Uri);
                     var identity = await kcIdentity.ToClaimsIdentityAsync();
-                    Context.Authentication.User.AddIdentity(identity);
+
+                    Context.Authentication.User = new ClaimsPrincipal(identity);
                     SignInAsAuthentication(identity, properties, Options.SignInAsAuthenticationType);
 
+                    // Trigger OnAuthenticated?
+                    var eventArgs = new OnAuthenticatedEventArgs { RedirectUri = properties.RedirectUri };
+                    Options.OnAuthenticated?.Invoke(Context, eventArgs);
+
                     // Redirect back to the original secured resource, if any
-                    if (!string.IsNullOrWhiteSpace(properties.RedirectUri) &&
-                        Uri.IsWellFormedUriString(properties.RedirectUri, UriKind.Absolute))
+                    if (!string.IsNullOrWhiteSpace(eventArgs.RedirectUri) &&
+                        Uri.IsWellFormedUriString(eventArgs.RedirectUri, UriKind.Absolute))
                     {
-                        Response.Redirect(properties.RedirectUri);
+                        Response.Redirect(eventArgs.RedirectUri);
                         return true;
                     }
                 }