BaseAuthorizationHeaderProvider.CreateAuthorizationHeaderAsync Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Creates an authorization header for calling a protected web API on behalf of a user or the application.
public virtual System.Threading.Tasks.Task<string> CreateAuthorizationHeaderAsync (System.Collections.Generic.IEnumerable<string> scopes, Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions? authorizationHeaderProviderOptions = default, System.Security.Claims.ClaimsPrincipal? claimsPrincipal = default, System.Threading.CancellationToken cancellationToken = default);
abstract member CreateAuthorizationHeaderAsync : seq<string> * Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions * System.Security.Claims.ClaimsPrincipal * System.Threading.CancellationToken -> System.Threading.Tasks.Task<string>
override this.CreateAuthorizationHeaderAsync : seq<string> * Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions * System.Security.Claims.ClaimsPrincipal * System.Threading.CancellationToken -> System.Threading.Tasks.Task<string>
Public Overridable Function CreateAuthorizationHeaderAsync (scopes As IEnumerable(Of String), Optional authorizationHeaderProviderOptions As AuthorizationHeaderProviderOptions = Nothing, Optional claimsPrincipal As ClaimsPrincipal = Nothing, Optional cancellationToken As CancellationToken = Nothing) As Task(Of String)
Parameters
- scopes
- IEnumerable<String>
The scopes for which to request the authorization header. Provide a single scope if the header needs to be created on behalf of an application.
- authorizationHeaderProviderOptions
- AuthorizationHeaderProviderOptions
- claimsPrincipal
- ClaimsPrincipal
Inbound authentication elements. In a web API, this is usually the result of the validation of a token. In a web app, this would be information about the signed-in user. This is not useful in daemon applications. In Microsoft.Identity.Web you rarely need to provide this parameter as it's inferred from the context.
- cancellationToken
- CancellationToken
A token to cancel the operation.
Returns
A string containing the authorization header, such as "Bearer token" or "PoP token".