InteractiveBrowserCredential class
Enables authentication to Microsoft Entra ID inside of the web browser using the interactive login flow.
Constructors
Interactive |
Creates an instance of InteractiveBrowserCredential with the details needed. This credential uses the Authorization Code Flow.
On Node.js, it will open a browser window while it listens for a redirect response from the authentication service.
On browsers, it authenticates via popups. The For Node.js, if a |
Methods
authenticate(string | string[], Get |
Authenticates with Microsoft Entra ID and returns an access token if successful. If authentication fails, a CredentialUnavailableError will be thrown with the details of the failure. If the token can't be retrieved silently, this method will always generate a challenge for the user. On Node.js, this credential has Proof Key for Code Exchange (PKCE) enabled by default. PKCE is a security feature that mitigates authentication code interception attacks. |
get |
Authenticates with Microsoft Entra ID and returns an access token if successful. If authentication fails, a CredentialUnavailableError will be thrown with the details of the failure. If the user provided the option |
Constructor Details
InteractiveBrowserCredential(InteractiveBrowserCredentialNodeOptions | InteractiveBrowserCredentialInBrowserOptions)
Creates an instance of InteractiveBrowserCredential with the details needed.
This credential uses the Authorization Code Flow.
On Node.js, it will open a browser window while it listens for a redirect response from the authentication service.
On browsers, it authenticates via popups. The loginStyle
optional parameter can be set to redirect
to authenticate by redirecting the user to an Azure secure login page, which then will redirect the user back to the web application where the authentication started.
For Node.js, if a clientId
is provided, the Microsoft Entra application will need to be configured to have a "Mobile and desktop applications" redirect endpoint.
Follow our guide on setting up Redirect URIs for Desktop apps that calls to web APIs.
new InteractiveBrowserCredential(options: InteractiveBrowserCredentialNodeOptions | InteractiveBrowserCredentialInBrowserOptions)
Parameters
Options for configuring the client which makes the authentication requests.
Method Details
authenticate(string | string[], GetTokenOptions)
Authenticates with Microsoft Entra ID and returns an access token if successful. If authentication fails, a CredentialUnavailableError will be thrown with the details of the failure.
If the token can't be retrieved silently, this method will always generate a challenge for the user.
On Node.js, this credential has Proof Key for Code Exchange (PKCE) enabled by default. PKCE is a security feature that mitigates authentication code interception attacks.
function authenticate(scopes: string | string[], options?: GetTokenOptions): Promise<undefined | AuthenticationRecord>
Parameters
- scopes
-
string | string[]
The list of scopes for which the token will have access.
- options
- GetTokenOptions
The options used to configure any requests this TokenCredential implementation might make.
Returns
Promise<undefined | AuthenticationRecord>
getToken(string | string[], GetTokenOptions)
Authenticates with Microsoft Entra ID and returns an access token if successful. If authentication fails, a CredentialUnavailableError will be thrown with the details of the failure.
If the user provided the option disableAutomaticAuthentication
,
once the token can't be retrieved silently,
this method won't attempt to request user interaction to retrieve the token.
function getToken(scopes: string | string[], options?: GetTokenOptions): Promise<AccessToken>
Parameters
- scopes
-
string | string[]
The list of scopes for which the token will have access.
- options
- GetTokenOptions
The options used to configure any requests this TokenCredential implementation might make.
Returns
Promise<AccessToken>