ManagedIdentityCredential class

Attempts authentication using a managed identity available at the deployment environment. This authentication type works in Azure VMs, App Service instances, Azure Functions applications, Azure Kubernetes Services, Azure Service Fabric instances and inside of the Azure Cloud Shell.

More information about configuring managed identities can be found here: https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview

Constructors

ManagedIdentityCredential(ManagedIdentityCredentialClientIdOptions)

Creates an instance of ManagedIdentityCredential with a client ID

ManagedIdentityCredential(ManagedIdentityCredentialObjectIdOptions)

Creates an instance of ManagedIdentityCredential with an object ID

ManagedIdentityCredential(ManagedIdentityCredentialResourceIdOptions)

Creates an instance of ManagedIdentityCredential with a resource ID

ManagedIdentityCredential(string, TokenCredentialOptions)

Creates an instance of ManagedIdentityCredential with the client ID of a user-assigned identity, or app registration (when working with AKS pod-identity).

Methods

getToken(string | string[], GetTokenOptions)

Authenticates with Microsoft Entra ID and returns an access token if successful. If authentication fails, a CredentialUnavailableError will be thrown with the details of the failure. If an unexpected error occurs, an AuthenticationError will be thrown with the details of the failure.

Constructor Details

ManagedIdentityCredential(ManagedIdentityCredentialClientIdOptions)

Creates an instance of ManagedIdentityCredential with a client ID

new ManagedIdentityCredential(options?: ManagedIdentityCredentialClientIdOptions)

Parameters

options
ManagedIdentityCredentialClientIdOptions

Options for configuring the client which makes the access token request.

ManagedIdentityCredential(ManagedIdentityCredentialObjectIdOptions)

Creates an instance of ManagedIdentityCredential with an object ID

new ManagedIdentityCredential(options?: ManagedIdentityCredentialObjectIdOptions)

Parameters

options
ManagedIdentityCredentialObjectIdOptions

Options for configuring the resource which makes the access token request.

ManagedIdentityCredential(ManagedIdentityCredentialResourceIdOptions)

Creates an instance of ManagedIdentityCredential with a resource ID

new ManagedIdentityCredential(options?: ManagedIdentityCredentialResourceIdOptions)

Parameters

options
ManagedIdentityCredentialResourceIdOptions

Options for configuring the resource which makes the access token request.

ManagedIdentityCredential(string, TokenCredentialOptions)

Creates an instance of ManagedIdentityCredential with the client ID of a user-assigned identity, or app registration (when working with AKS pod-identity).

new ManagedIdentityCredential(clientId: string, options?: TokenCredentialOptions)

Parameters

clientId

string

The client ID of the user-assigned identity, or app registration (when working with AKS pod-identity).

options
TokenCredentialOptions

Options for configuring the client which makes the access token request.

Method Details

getToken(string | string[], GetTokenOptions)

Authenticates with Microsoft Entra ID and returns an access token if successful. If authentication fails, a CredentialUnavailableError will be thrown with the details of the failure. If an unexpected error occurs, an AuthenticationError will be thrown with the details of the failure.

function getToken(scopes: string | string[], options?: GetTokenOptions): Promise<AccessToken>

Parameters

scopes

string | string[]

The list of scopes for which the token will have access.

options
GetTokenOptions

The options used to configure any requests this TokenCredential implementation might make.

Returns

Promise<AccessToken>