Partilhar via


DownstreamApiOptions Class

Definition

Options passed-in to call downstream web APIs.

public class DownstreamApiOptions : Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions
type DownstreamApiOptions = class
    inherit AuthorizationHeaderProviderOptions
Public Class DownstreamApiOptions
Inherits AuthorizationHeaderProviderOptions
Inheritance
Derived

Examples

Here is an example of a configuration of a downstream API that would retrieve the user profile (it's illustrated with Microsoft Graph as this is a well-known API, but of course to effectively call Microsoft graph, rather use Microsoft.Identity.Web.MicrosoftGraph)

 "DownstreamApis": [
    "MyProfile": {
       "BaseUrl": "https://graph.microsoft.com/v1.0",
       "RelativePath": "/me/profile",
        "Scopes": [ "user.read"]
    }
  ]

The following describes a downstream web API called on behalf of the application itself (application token) and using the Pop protocol:

 "DownstreamApis": [
    "AllBooks": {
       "BaseUrl": "https://mylibrary.com",
       "RelativePath": "/books/all",
       "RequestAppToken": true,
       "ProtocolScheme": "Pop",
        "Scopes": ["https://mylibrary.com/.default"]
    }
  ]

Constructors

DownstreamApiOptions()

Default constructor.

DownstreamApiOptions(DownstreamApiOptions)

Copy constructor.

Properties

AcceptHeader

The HTTP Accept header is used to inform that server about the content type that the client is expecting in the response.

AcquireTokenOptions

Options related to token acquisition.

(Inherited from AuthorizationHeaderProviderOptions)
BaseUrl

Base URL for the called downstream web API. For instance "https://graph.microsoft.com/beta/".

(Inherited from AuthorizationHeaderProviderOptions)
ContentType

Content type of the request body.

CustomizeHttpRequestMessage

Provides an opportunity for the caller app to customize the HttpRequestMessage. For example, to customize the headers. This is called after the message was formed, including the Authorization header, and just before the message is sent.

(Inherited from AuthorizationHeaderProviderOptions)
Deserializer

Optional de-serializer. Will de-serialize the output from the web API (if any). When not provided, the following is returned: JsonSerializer.Deserialize<TOutput>(content, new JsonSerializerOptions { PropertyNameCaseInsensitive = true });

HttpMethod

HTTP method used to call this downstream web API (by default Get).

(Inherited from AuthorizationHeaderProviderOptions)
ProtocolScheme

Name of the protocol scheme used to create the authorization header. By default: "Bearer".

(Inherited from AuthorizationHeaderProviderOptions)
RelativePath

Path relative to the BaseUrl (for instance "me").

(Inherited from AuthorizationHeaderProviderOptions)
RequestAppToken

Describes if the downstream API is called on behalf of the calling service itself (App token) or on behalf of a user processed by the service (user token). If true, the token is requested on behalf of the app. Otherwise, it on-behalf of the user.

(Inherited from AuthorizationHeaderProviderOptions)
Scopes

Scopes required to call the downstream web API. For instance "user.read mail.read". For Microsoft identity, in the case of application tokens (token requested by the app on behalf of itself), there should be only one scope, and it should end in "./default")

Serializer

Optional serializer. Will serialize the input to the web API (if any). By default, when not provided:

  • If the input derives from HttpInput, it's used as is
  • If the input is a string it's used as is an considered a media type json.
  • Otherwise, the object is serialized in JSON, with a UTF8 encoding, and a media type of application/json:
    new StringContent(JsonSerializer.Serialize(input), Encoding.UTF8, "application/json")
    

Methods

Clone()

Clone the options (to be able to override them).

CloneInternal()

Clone the options (to be able to override them).

GetApiUrl()

Return the downstream web API URL.

(Inherited from AuthorizationHeaderProviderOptions)

Applies to