Sdílet prostřednictvím


Microsoft.Identity.Abstractions Namespace

Classes

AcquireTokenOptions

Options directing the token acquisition. These options are provided to the ITokenAcquirer methods, or part of the AuthorizationHeaderProviderOptions, or DownstreamApiOptions.

AcquireTokenResult

Result of a token acquisition.

AuthorizationHeaderProviderOptions

Options passed-in to call downstream web APIs. To call Microsoft Graph, see rather MicrosoftGraphOptions in the Microsoft.Identity.Web.MicrosoftGraph assembly.

CredentialDescription

Description of a credential. Credentials are used to prove the identity of the application (See ClientCredentials), or to decrypt tokens (See TokenDecryptionCredentials). Credentials can be secrets (client secrets), certificates, or signed assertions. They can be stored or provided in a variety of ways, and this class provides a way to describe them. The description is then used by Microsoft.Identity.Web to retrieve the credential. (See the DefaultCredentialProvider class)

CredentialSourceLoaderParameters

Parameters that credential loaders, like signed assertion providers, can use to load credentials. You won't use this class directly unless you are writing a custom credential loader.

DownstreamApiOptions

Options passed-in to call downstream web APIs.

DownstreamApiOptionsReadOnlyHttpMethod

Specialization of DownstreamApiOptions where the HttpMethod is not settable beyond it's construction.

IdentityApplicationOptions

Options for configuring authentication in a web app, web API or daemon app.

This class contains configuration properties for any OAuth 2.0 identity provider. For Azure AD specific options see the derived class: MicrosoftIdentityApplicationOptions. This class and its derived class are usually used as options, that are deserialized from a configuration file like appsettings.json

ManagedIdentityOptions

Data object to hold the definition of a managed identity for an application to use for authentication. If UserAssignedClientId is null, the application will use the system-assigned managed identity. If UserAssignedClientId is set, the application will try to use the user-assigned managed identity associated with the provided ClientID. See https://aka.ms/Entra/ManagedIdentityOverview for more details.

MicrosoftIdentityApplicationOptions

Options for configuring authentication for a web app, web API, or daemon application, using Azure Active Directory. It has both AAD and B2C configuration attributes.

Interfaces

IAuthorizationHeaderProvider

Creates the value of an authorization header that the caller can use to call a protected web API.

ICredentialsLoader

Contract for credential loaders, implemented by classes like the DefaultCertificateLoader or the DefaultCredentialLoader in Microsoft.Identity.Web. Credential loaders are used to load credentials from a CredentialDescription, the result is then in the CachedValue property. Credential loaders constitute an extensibility point. They delegate to credential source loaders, which are specified in the CredentialSourceLoaders collection, choosing the one which CredentialSource matches the credential source of the credential description to load.

ICredentialSourceLoader

Contract to implement to load credentials, for instance certificates.

IDownstreamApi

Interface used to call a downstream API, for instance from controllers.

ITokenAcquirer

Interface for the token acquisition service (for instance encapsulating MSAL.NET).

ITokenAcquirerFactory

Token acquirer factory.

Enums

CredentialSource

Source for a credential. Credentials are used to prove the identity of the application (See ClientCredentials), or to decrypt tokens (See TokenDecryptionCredentials). Credentials can be secrets (client secrets), certificates, or signed assertions. They can be stored or provided in a variety of ways, and this enumeration describes these ways. It's used in the SourceType property.

CredentialType

Credential type. This is used to specify the type of credential that is being loaded. This value is provided in the see CredentialType based on the type of credential (which depends on the type of CredentialSource value of the SourceType).