Partager via


BaseAuthorizationHeaderProvider.CreateAuthorizationHeaderAsync Method

Definition

Creates an authorization header for calling a protected web API on behalf of a user or the application.

public virtual System.Threading.Tasks.Task<string> CreateAuthorizationHeaderAsync (System.Collections.Generic.IEnumerable<string> scopes, Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions? authorizationHeaderProviderOptions = default, System.Security.Claims.ClaimsPrincipal? claimsPrincipal = default, System.Threading.CancellationToken cancellationToken = default);
abstract member CreateAuthorizationHeaderAsync : seq<string> * Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions * System.Security.Claims.ClaimsPrincipal * System.Threading.CancellationToken -> System.Threading.Tasks.Task<string>
override this.CreateAuthorizationHeaderAsync : seq<string> * Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions * System.Security.Claims.ClaimsPrincipal * System.Threading.CancellationToken -> System.Threading.Tasks.Task<string>
Public Overridable Function CreateAuthorizationHeaderAsync (scopes As IEnumerable(Of String), Optional authorizationHeaderProviderOptions As AuthorizationHeaderProviderOptions = Nothing, Optional claimsPrincipal As ClaimsPrincipal = Nothing, Optional cancellationToken As CancellationToken = Nothing) As Task(Of String)

Parameters

scopes
IEnumerable<String>

The scopes for which to request the authorization header. Provide a single scope if the header needs to be created on behalf of an application.

authorizationHeaderProviderOptions
AuthorizationHeaderProviderOptions
claimsPrincipal
ClaimsPrincipal

Inbound authentication elements. In a web API, this is usually the result of the validation of a token. In a web app, this would be information about the signed-in user. This is not useful in daemon applications. In Microsoft.Identity.Web you rarely need to provide this parameter as it's inferred from the context.

cancellationToken
CancellationToken

A token to cancel the operation.

Returns

A string containing the authorization header, such as "Bearer token" or "PoP token".

Implements

Applies to