ManagedIdentityCredentialBuilder Class

Package:

com.azure.identity

Maven Artifact:

com.azure:azure-identity:1.15.0

• java.lang.Object
• • com.azure.identity.CredentialBuilderBase<T>
  • • com.azure.identity.ManagedIdentityCredentialBuilder

public class ManagedIdentityCredentialBuilder
extends CredentialBuilderBase<ManagedIdentityCredentialBuilder>

Fluent credential builder for instantiating a ManagedIdentityCredential.

Azure Managed Identity is a feature in Microsoft Entra ID that provides a way for applications running on Azure to authenticate themselves with Azure resources without needing to manage or store any secrets like passwords or keys. The ManagedIdentityCredential authenticates the configured managed identity (system or user assigned) of an Azure resource. So, if the application is running inside an Azure resource that supports Managed Identity through IDENTITY/MSI, IMDS endpoints, or both, then this credential will get your application authenticated, and offers a great secretless authentication experience. For more information refer to the managed identity authentication documentation.

Sample: Construct a simple ManagedIdentityCredential

The following code sample demonstrates the creation of a ManagedIdentityCredential, using the ManagedIdentityCredentialBuilder to configure it. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.

TokenCredential managedIdentityCredential = new ManagedIdentityCredentialBuilder().build();

Sample: Construct a User Assigned ManagedIdentityCredential

User-Assigned Managed Identity (UAMI) in Azure is a feature that allows you to create an identity in Microsoft Entra ID that is associated with one or more Azure resources. This identity can then be used to authenticate and authorize access to various Azure services and resources. The following code sample demonstrates the creation of a ManagedIdentityCredential to target a user assigned managed identity, using the ManagedIdentityCredentialBuilder to configure it. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.

TokenCredential managedIdentityCredentialUserAssigned = new ManagedIdentityCredentialBuilder().clientId(
         clientId) // specify client id of user-assigned managed identity.
     .build();

Constructor Summary

Constructor	Description
ManagedIdentityCredentialBuilder()	Constructs an instance of ManagedIdentityCredentialBuilder.

Method Summary

Modifier and Type	Method and Description
ManagedIdentityCredential	build() Creates a new ManagedIdentityCredential with the current configurations.
ManagedIdentityCredentialBuilder	clientId(String clientId) Specifies the client ID of a user-assigned or system-assigned managed identity.
ManagedIdentityCredentialBuilder	executorService(ExecutorService executorService) Specifies the ExecutorService to be used to execute the authentication requests.
ManagedIdentityCredentialBuilder	objectId(String objectId) Specifies the object ID of a user-assigned or system-assigned managed identity.
ManagedIdentityCredentialBuilder	resourceId(String resourceId) Specifies the resource ID of a user-assigned or system-assigned managed identity.

Methods inherited from CredentialBuilderBase

addPolicy clientOptions configuration enableAccountIdentifierLogging httpClient httpLogOptions httpPipeline maxRetry pipeline proxyOptions retryOptions retryPolicy retryTimeout

Methods inherited from java.lang.Object

clone equals finalize getClass hashCode notify notifyAll toString wait wait wait

Constructor Details

ManagedIdentityCredentialBuilder

public ManagedIdentityCredentialBuilder()

Constructs an instance of ManagedIdentityCredentialBuilder.

Method Details

build

public ManagedIdentityCredential build()

Creates a new ManagedIdentityCredential with the current configurations.

Returns:

a ManagedIdentityCredential with the current configurations.

clientId

public ManagedIdentityCredentialBuilder clientId(String clientId)

Specifies the client ID of a user-assigned or system-assigned managed identity. Only one of clientId, resourceId, or objectId can be specified.

Parameters:

clientId - the client ID

Returns:

the ManagedIdentityCredentialBuilder itself

executorService

public ManagedIdentityCredentialBuilder executorService(ExecutorService executorService)

Specifies the ExecutorService to be used to execute the authentication requests. Developer is responsible for maintaining the lifecycle of the ExecutorService.

If this is not configured, the com.azure.core.util.SharedExecutorService will be used which is also shared with other SDK libraries. If there are many concurrent SDK tasks occurring, authentication requests might starve and configuring a separate executor service should be considered.

The executor service and can be safely shutdown if the TokenCredential is no longer being used by the Azure SDK clients and should be shutdown before the application exits.

Parameters:

executorService - the executor service to use for executing authentication requests.

Returns:

the ManagedIdentityCredentialBuilder itself

objectId

public ManagedIdentityCredentialBuilder objectId(String objectId)

Specifies the object ID of a user-assigned or system-assigned managed identity. Only one of clientId, resourceId, or objectId can be specified.

Parameters:

objectId - the object ID

Returns:

the ManagedIdentityCredentialBuilder itself

resourceId

public ManagedIdentityCredentialBuilder resourceId(String resourceId)

Specifies the resource ID of a user-assigned or system-assigned managed identity. Only one of clientId, resourceId, or objectId can be specified.

Parameters:

resourceId - the resource ID

Returns:

the ManagedIdentityCredentialBuilder itself