Any risk returning other user's Connection Id to the client?
In a SignalR Hub class you are able to call Context.ConnectionId for a user. I am looking to store these in a Dictionary<string, string> in order to connect users together. Is there a risk or security vulnerabilities in returning other user's clientids to a user's client?
Yes, we do this in some of our samples but it's bad. If you leak the connection id then people can send/receive your messages on your connection. Create another id that is unique and store a mapping between your id and connection id internally so you can map them back.
It's basically the same idea as the forms auth ticket. Sure it's encrypted but if someone gets ahold of it they can impersonate you regardless.
See a sample of this logic in MessengR. https://github.com/davidfowl/MessengR/blob/master/MessengR/Hubs/Chat.cs#L67