Partilhar via


AcquireTokenForClientParameterBuilder Class

Definition

Builder for AcquireTokenForClient (used in client credential flows, in daemon applications). See https://aka.ms/msal-net-client-credentials

public sealed class AcquireTokenForClientParameterBuilder : Microsoft.Identity.Client.AbstractConfidentialClientAcquireTokenParameterBuilder<Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder>
type AcquireTokenForClientParameterBuilder = class
    inherit AbstractConfidentialClientAcquireTokenParameterBuilder<AcquireTokenForClientParameterBuilder>
Public NotInheritable Class AcquireTokenForClientParameterBuilder
Inherits AbstractConfidentialClientAcquireTokenParameterBuilder(Of AcquireTokenForClientParameterBuilder)
Inheritance

Methods

ExecuteAsync()

Executes the Token request asynchronously.

(Inherited from BaseAbstractAcquireTokenParameterBuilder<T>)
ExecuteAsync(CancellationToken)

Executes the Token request asynchronously, with a possibility of cancelling the asynchronous method.

(Inherited from AbstractConfidentialClientAcquireTokenParameterBuilder<T>)
Validate()

Validates the parameters of the AcquireToken operation.

(Inherited from AbstractConfidentialClientAcquireTokenParameterBuilder<T>)
WithAdfsAuthority(String, Boolean)

Adds a known Authority corresponding to an ADFS server. See https://aka.ms/msal-net-adfs.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(AadAuthorityAudience, Boolean)
Obsolete.

Important: Use WithTenantId or WithTenantIdFromAuthority instead, or WithB2CAuthority for B2C authorities.

Adds a known Azure AD authority to the application to sign-in users specifying the sign-in audience (the cloud being the Azure public cloud). See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(AzureCloudInstance, AadAuthorityAudience, Boolean)
Obsolete.

Adds a known Azure AD authority to the application to sign-in users specifying the cloud instance and the sign-in audience. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(AzureCloudInstance, Guid, Boolean)
Obsolete.

Important: Use WithTenantId or WithTenantIdFromAuthority instead, or WithB2CAuthority for B2C authorities.

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its cloud instance and its tenant ID. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(AzureCloudInstance, String, Boolean)
Obsolete.

Important: Use WithTenantId or WithTenantIdFromAuthority instead, or WithB2CAuthority for B2C authorities.

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its cloud instance and its domain name or tenant ID. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(String, Boolean)
Obsolete.

Important: Use WithTenantId or WithTenantIdFromAuthority instead, or WithB2CAuthority for B2C authorities.

Specific authority for which the token is requested. Passing a different value than configured at the application constructor narrows down the selection to a specific tenant. This does not change the configured value in the application. This is specific to applications managing several accounts (like a mail client with several mailboxes). See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(String, Guid, Boolean)
Obsolete.

Important: Use WithTenantId or WithTenantIdFromAuthority instead, or WithB2CAuthority for B2C authorities.

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) specified by its tenant ID. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(String, String, Boolean)
Obsolete.

Important: Use WithTenantId or WithTenantIdFromAuthority instead, or WithB2CAuthority for B2C authorities.

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its domain name. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAzureRegion(Boolean)
Obsolete.

Please use WithAzureRegion on the ConfidentialClientApplicationBuilder object

WithB2CAuthority(String)

Adds a known authority corresponding to an Azure AD B2C policy. See https://aka.ms/msal-net-b2c-specificities

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithClaims(String)

Sets claims in the query. Use when the AAD admin has enabled conditional access. Acquiring the token normally will result in a MsalUiRequiredException with the Claims property set. Retry the token acquisition, and use this value in the WithClaims(String) method. See https://aka.ms/msal-exceptions for details as well as https://aka.ms/msal-net-claim-challenge.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithCorrelationId(Guid)

Sets the correlation id to be used in the authentication request. Used to track a request in the logs of both the SDK and the Identity Provider service. If not set, a random one will be generated.

(Inherited from BaseAbstractAcquireTokenParameterBuilder<T>)
WithExtraQueryParameters(Dictionary<String,String>)

Sets Extra Query Parameters for the query string in the HTTP authentication request.

(Inherited from BaseAbstractAcquireTokenParameterBuilder<T>)
WithExtraQueryParameters(String)

Sets Extra Query Parameters for the query string in the HTTP authentication request.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithForceRefresh(Boolean)

Specifies if the client application should ignore access tokens when reading the token cache. New tokens will still be written to the application token cache. By default the token is taken from the application token cache (forceRefresh=false)

WithMtlsProofOfPossession()

Specifies that the certificate provided will be used for PoP tokens with mTLS (Mutual TLS) authentication. For more information, refer to the Proof-of-Possession documentation.

WithPreferredAzureRegion(Boolean, String, Boolean)
Obsolete.

Please use WithAzureRegion on the ConfidentialClientApplicationBuilder object

WithProofOfPossession(PoPAuthenticationConfiguration)
Obsolete.

Modifies the token acquisition request so that the acquired token is a Proof-of-Possession token (PoP), rather than a Bearer token. PoP tokens are similar to Bearer tokens, but are bound to the HTTP request and to a cryptographic key, which MSAL can manage on Windows. See https://aka.ms/msal-net-pop

(Inherited from AbstractConfidentialClientAcquireTokenParameterBuilder<T>)
WithScopes(IEnumerable<String>)

Specifies which scopes to request. This method is used when your application needs to specify the scopes needed to call a protected API. See https://docs.microsoft.com/azure/active-directory/develop/v2-permissions-and-consent to learn more about scopes, permissions and consent, and https://docs.microsoft.com/azure/active-directory/develop/msal-v1-app-scopes to learn how to create scopes for legacy applications which used to expose OAuth2 permissions.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithSendX5C(Boolean)

Applicable to first-party applications only, this method also allows to specify if the x5c claim should be sent to Azure AD. Sending the x5c enables application developers to achieve easy certificate roll-over in Azure AD: this method will send the certificate chain to Azure AD along with the token request, so that Azure AD can use it to validate the subject name based on a trusted issuer policy. This saves the application admin from the need to explicitly manage the certificate rollover (either via portal or PowerShell/CLI operation). For details see https://aka.ms/msal-net-sni

WithSignedHttpRequestProofOfPossession(PoPAuthenticationConfiguration)

Modifies the request to acquire a Signed HTTP Request (SHR) Proof-of-Possession (PoP) token, rather than a Bearer. SHR PoP tokens are bound to the HTTP request and to a cryptographic key, which MSAL manages on Windows. SHR PoP tokens are different from mTLS PoP tokens, which are used for Mutual TLS (mTLS) authentication. See https://aka.ms/mtls-pop for details.

(Inherited from AbstractConfidentialClientAcquireTokenParameterBuilder<T>)
WithTenantId(String)

Overrides the tenant ID specified in the authority at the application level. This operation preserves the authority host (environment).

If an authority was not specified at the application level, the default used is https://login.microsoftonline.com/common.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithTenantIdFromAuthority(Uri)

Extracts the tenant ID from the provided authority URI and overrides the tenant ID specified in the authority at the application level. This operation preserves the authority host (environment) provided to the application builder. If an authority was not provided to the application builder, this method will replace the tenant ID in the default authority - https://login.microsoftonline.com/common.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)

Extension Methods

WithExtraHttpHeaders<T>(AbstractAcquireTokenParameterBuilder<T>, IDictionary<String,String>)

Adds additional Http Headers to the token request.

OnBeforeTokenRequest<T>(AbstractAcquireTokenParameterBuilder<T>, Func<OnBeforeTokenRequestData,Task>)

Intervenes in the request pipeline, by executing a user provided delegate before MSAL makes the token request. The delegate can modify the request payload by adding or removing body parameters and headers. OnBeforeTokenRequestData

WithAdditionalCacheParameters<T>(AbstractAcquireTokenParameterBuilder<T>, IEnumerable<String>)

Specifies additional parameters acquired from authentication responses to be cached with the access token that are normally not included in the cache object. these values can be read from the AdditionalResponseParameters parameter.

WithAuthenticationExtension<T>(AbstractAcquireTokenParameterBuilder<T>, MsalAuthenticationExtension)

Enables client applications to provide a custom authentication operation to be used in the token acquisition request.

WithProofOfPosessionKeyId<T>(AbstractAcquireTokenParameterBuilder<T>, String, String)

Binds the token to a key in the cache.No cryptographic operations is performed on the token.

WithProofOfPosessionKeyId(AcquireTokenForClientParameterBuilder, String, String)

Binds the token to a key in the cache. L2 cache keys contain the key id. No cryptographic operations is performed on the token.

Applies to