SharedTokenCacheCredential Class

Authenticates using tokens in the local cache shared between Microsoft applications.

Inheritance
builtins.object
SharedTokenCacheCredential

Constructor

SharedTokenCacheCredential(username: str | None = None, **kwargs: Any)

Parameters

Name Description
username
str

Username (typically an email address) of the user to authenticate as. This is used when the local cache contains tokens for multiple identities.

Default value: None

Keyword-Only Parameters

Name Description
authority
str

Authority of a Microsoft Entra endpoint, for example 'login.microsoftonline.com', the authority for Azure Public Cloud (which is the default). AzureAuthorityHosts defines authorities for other clouds.

tenant_id
str

a Microsoft Entra tenant ID. Used to select an account when the cache contains tokens for multiple identities.

authentication_record

an authentication record returned by a user credential such as DeviceCodeCredential or InteractiveBrowserCredential

cache_persistence_options

configuration for persistent token caching. If not provided, the credential will use the persistent cache shared by Microsoft development applications

Methods

close

Close the credential's transport session.

get_token

Get an access token for scopes from the shared cache.

If no access token is cached, attempt to acquire one using a cached refresh token.

This method is called automatically by Azure SDK clients.

supported

Whether the shared token cache is supported on the current platform.

close

Close the credential's transport session.

close() -> None

get_token

Get an access token for scopes from the shared cache.

If no access token is cached, attempt to acquire one using a cached refresh token.

This method is called automatically by Azure SDK clients.

get_token(*scopes: str, claims: str | None = None, tenant_id: str | None = None, enable_cae: bool = False, **kwargs: Any) -> AccessToken

Parameters

Name Description
scopes
Required
str

desired scopes for the access token. This method requires at least one scope. For more information about scopes, see https://learn.microsoft.com/entra/identity-platform/scopes-oidc.

Keyword-Only Parameters

Name Description
claims
str

additional claims required in the token, such as those returned in a resource provider's claims challenge following an authorization failure

tenant_id
str

not used by this credential; any value provided will be ignored.

enable_cae

indicates whether to enable Continuous Access Evaluation (CAE) for the requested token. Defaults to False.

Returns

Type Description

An access token with the desired scopes.

Exceptions

Type Description

the cache is unavailable or contains insufficient user information

authentication failed. The error's message attribute gives a reason.

supported

Whether the shared token cache is supported on the current platform.

static supported() -> bool

Returns

Type Description

True if the shared token cache is supported on the current platform, otherwise False.