ITokenAcquisition.GetAccessTokenForUserAsync Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Overloads
GetAccessTokenForUserAsync(IEnumerable<String>, String, String, ClaimsPrincipal, TokenAcquisitionOptions) |
Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the User member of the controller's HttpContext parameter. |
GetAccessTokenForUserAsync(IEnumerable<String>, String, String, String, ClaimsPrincipal, TokenAcquisitionOptions) |
Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the current user |
GetAccessTokenForUserAsync(IEnumerable<String>, String, String, ClaimsPrincipal, TokenAcquisitionOptions)
Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the User member of the controller's HttpContext parameter.
public virtual System.Threading.Tasks.Task<string> GetAccessTokenForUserAsync (System.Collections.Generic.IEnumerable<string> scopes, string? tenantId = default, string? userFlow = default, System.Security.Claims.ClaimsPrincipal? user = default, Microsoft.Identity.Web.TokenAcquisitionOptions? tokenAcquisitionOptions = default);
abstract member GetAccessTokenForUserAsync : seq<string> * string * string * System.Security.Claims.ClaimsPrincipal * Microsoft.Identity.Web.TokenAcquisitionOptions -> System.Threading.Tasks.Task<string>
override this.GetAccessTokenForUserAsync : seq<string> * string * string * System.Security.Claims.ClaimsPrincipal * Microsoft.Identity.Web.TokenAcquisitionOptions -> System.Threading.Tasks.Task<string>
Public Overridable Function GetAccessTokenForUserAsync (scopes As IEnumerable(Of String), Optional tenantId As String = Nothing, Optional userFlow As String = Nothing, Optional user As ClaimsPrincipal = Nothing, Optional tokenAcquisitionOptions As TokenAcquisitionOptions = Nothing) As Task(Of String)
Parameters
- scopes
- IEnumerable<String>
Scopes to request for the downstream API to call.
- tenantId
- String
Enables to override the tenant/account for the same identity. This is useful in the cases where a given account is guest in other tenants, and you want to acquire tokens for a specific tenant.
- userFlow
- String
Azure AD B2C UserFlow to target.
- user
- ClaimsPrincipal
Optional claims principal representing the user. If not provided, will use the signed-in user (in a web app), or the user for which the token was received (in a web API) cases where a given account is guest in other tenants, and you want to acquire tokens for a specific tenant, like where the user is a guest in.
- tokenAcquisitionOptions
- TokenAcquisitionOptions
Options passed-in to create the token acquisition object which calls into MSAL .NET.
Returns
An access token to call on behalf of the user, the downstream API characterized by its scopes.
Applies to
GetAccessTokenForUserAsync(IEnumerable<String>, String, String, String, ClaimsPrincipal, TokenAcquisitionOptions)
Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the current user
public System.Threading.Tasks.Task<string> GetAccessTokenForUserAsync (System.Collections.Generic.IEnumerable<string> scopes, string? authenticationScheme, string? tenantId = default, string? userFlow = default, System.Security.Claims.ClaimsPrincipal? user = default, Microsoft.Identity.Web.TokenAcquisitionOptions? tokenAcquisitionOptions = default);
abstract member GetAccessTokenForUserAsync : seq<string> * string * string * string * System.Security.Claims.ClaimsPrincipal * Microsoft.Identity.Web.TokenAcquisitionOptions -> System.Threading.Tasks.Task<string>
Public Function GetAccessTokenForUserAsync (scopes As IEnumerable(Of String), authenticationScheme As String, Optional tenantId As String = Nothing, Optional userFlow As String = Nothing, Optional user As ClaimsPrincipal = Nothing, Optional tokenAcquisitionOptions As TokenAcquisitionOptions = Nothing) As Task(Of String)
Parameters
- scopes
- IEnumerable<String>
Scopes to request for the downstream API to call.
- authenticationScheme
- String
Authentication scheme. If null, will use OpenIdConnectDefault.AuthenticationScheme if called from a web app, and JwtBearerDefault.AuthenticationScheme if called from a web API.
- tenantId
- String
Enables to override the tenant/account for the same identity. This is useful in the cases where a given account is guest in other tenants, and you want to acquire tokens for a specific tenant.
- userFlow
- String
Azure AD B2C UserFlow to target.
- user
- ClaimsPrincipal
Optional claims principal representing the user. If not provided, will use the signed-in user (in a web app), or the user for which the token was received (in a web API) cases where a given account is guest in other tenants, and you want to acquire tokens for a specific tenant, like where the user is a guest in.
- tokenAcquisitionOptions
- TokenAcquisitionOptions
Options passed-in to create the token acquisition object which calls into MSAL .NET.
Returns
An access token to call on behalf of the user, the downstream API characterized by its scopes.