Partilhar via


Microsoft.Identity.Web Namespace

Classes

AadIssuerValidatorOptions

Options passed-in to create the AadIssuerValidator object.

AccountExtensions

Extension methods for IAccount.

ApiControllerExtensions

Extension methods to retrieve a Graph service client, or interfaces used to call downstream web APIs.

AppBuilderExtension

Extension methods on an ASP.NET application to add a web app or web API.

ApplicationBuilderExtensions

Extension class on IApplicationBuilder to initialize the service provider of the TokenAcquirerFactory in ASP.NET Core.

AppServicesAuthenticationBuilderExtensions

Extension methods related to App Services authentication (Easy Auth).

AppServicesAuthenticationDefaults

Default values related to AppServiceAuthentication handler.

AppServicesAuthenticationHandler

App service authentication handler.

AppServicesAuthenticationInformation

Information about the App Services configuration on the host.

AppServicesAuthenticationOptions

Options for Azure App Services authentication.

AppServicesAuthenticationTokenAcquisition

Implementation of ITokenAcquisition for App Services authentication (EasyAuth).

AuthorizeForScopesAttribute

Filter used on a controller action to trigger incremental consent.

AzureFunctionsAuthenticationHttpContextExtension

Extensions for AzureFunctionsAuthenticationHttpContextExtension.

AzureIdentityForKubernetesClientAssertion

Gets a signed assertion from Azure workload identity for kubernetes when an app is running in a container in Azure Kubernetes Services. See https://aka.ms/ms-id-web/certificateless and https://learn.microsoft.com/azure/aks/workload-identity-overview

BaseRequestExtensions

Extension methods for Graph requests

CertificateDescription

Description of a certificate.

CertificatelessOptions

Options for configuring CertificatelessOptions. See https://aka.ms/ms-id-web/certificateless.

ClaimConstants

Constants for claim types.

ClaimsPrincipalExtensions

Extensions for ClaimsPrincipal.

ClaimsPrincipalFactory

Factory class to create ClaimsPrincipal objects.

ClientAssertion

Client assertion.

ClientAssertionProviderBase

Description of a client assertion in the application configuration. See https://aka.ms/ms-id-web/client-assertions.

Constants

General constants for Microsoft Identity Web.

ControllerBaseExtensions

Extension methods to retrieve a Graph service client and interfaces used to call a downstream web API.

CookiePolicyOptionsExtensions

Extension class containing cookie policies (work around for same site).

DefaultCertificateLoader

Certificate Loader. Only use when loading a certificate from a daemon application, or an ASP NET app, using MSAL .NET directly. For an ASP NET Core app, Microsoft Identity Web will handle the certificate loading for you.

IConfidentialClientApplication app;
ICertificateLoader certificateLoader = new DefaultCertificateLoader();
    certificateLoader.LoadIfNeeded(config.CertificateDescription);

   app = ConfidentialClientApplicationBuilder.Create(config.ClientId)
          .WithCertificate(config.CertificateDescription.Certificate)
          .WithAuthority(new Uri(config.Authority))
          .Build();
DefaultCredentialsLoader

Default credentials loader.

DownstreamRestApiExtensions

Extension methods to support downstream REST API services.

DownstreamWebApi

Implementation for the downstream web API.

DownstreamWebApiExtensions

Extension methods to support downstream web API services.

DownstreamWebApiGenericExtensions

Extensions for the downstream web API.

DownstreamWebApiOptions

Options passed-in to call downstream web APIs. To call Microsoft Graph, see rather MicrosoftGraphOptions in the Microsoft.Identity.Web.MicrosoftGraph assembly.

GraphServiceCollectionExtensions

Extensions methods on a MicrosoftIdentityAppCallingWebApiAuthenticationBuilder builder to add support to call Microsoft Graph.

ManagedIdentityClientAssertion

See https://aka.ms/ms-id-web/certificateless.

MicrosoftGraphExtensions

Extensions methods on a MicrosoftIdentityAppCallingWebApiAuthenticationBuilder builder to add support to call Microsoft Graph.

MicrosoftGraphOptions

Options passed-in to call Microsoft Graph.

MicrosoftIdentityAppAuthenticationMessageHandler

A DelegatingHandler implementation that add an authorization header with a token for the application.

MicrosoftIdentityAppCallsWebApiAuthenticationBuilder

Authentication builder returned by the EnableTokenAcquisitionToCallDownstreamApi methods enabling you to decide token cache implementations.

MicrosoftIdentityAppCallsWebApiAuthenticationBuilderExtension

Authentication builder returned by the EnableTokenAcquisitionToCallDownstreamApi methods enabling you to use the session cache implementation.

MicrosoftIdentityAuthenticationBaseMessageHandler

Base class for Microsoft Identity authentication message handlers.

MicrosoftIdentityAuthenticationBaseOptions

Base options passed-in to authenticate with Microsoft Identity.

MicrosoftIdentityAuthenticationMessageHandlerHttpClientBuilderExtensions

Extension for IHttpClientBuilder for startup initialization of Microsoft Identity authentication handlers.

MicrosoftIdentityAuthenticationMessageHandlerOptions

Options passed-in to Microsoft Identity message handlers.

MicrosoftIdentityBaseAuthenticationBuilder

Base class for web app and web API Microsoft Identity authentication builders.

MicrosoftIdentityBlazorServiceCollectionExtensions

Extensions for IServerSideBlazorBuilder for startup initialization of web APIs.

MicrosoftIdentityConsentAndConditionalAccessHandler

Handler for Blazor specific APIs to handle incremental consent and conditional access.

MicrosoftIdentityOptions

Options for configuring authentication using Azure Active Directory. It has both AAD and B2C configuration attributes.

MicrosoftIdentityUserAuthenticationMessageHandler

A DelegatingHandler implementation that add an authorization header with a token on behalf of the current user.

MicrosoftIdentityWebApiAuthenticationBuilder

Authentication builder for a web API.

MicrosoftIdentityWebApiAuthenticationBuilderExtensions

Extensions for AuthenticationBuilder for startup initialization of web APIs.

MicrosoftIdentityWebApiAuthenticationBuilderWithConfiguration

Builder for web API authentication with configuration.

MicrosoftIdentityWebApiServiceCollectionExtensions

Extension for IServiceCollection for startup initialization of web APIs.

MicrosoftIdentityWebAppAuthenticationBuilder

Authentication builder specific for Microsoft identity platform.

MicrosoftIdentityWebAppAuthenticationBuilderExtensions

Extensions for the AuthenticationBuilder for startup initialization.

MicrosoftIdentityWebAppAuthenticationBuilderWithConfiguration

Builder for a Microsoft identity web app authentication where configuration is available for EnableTokenAcquisitionToCallDownstreamApi.

MicrosoftIdentityWebAppServiceCollectionExtensions

Extension for IServiceCollection for startup initialization.

MicrosoftIdentityWebChallengeUserException

Microsoft Identity Web specific exception class for use in Blazor or Razor pages to process the user challenge. Handles the MsalUiRequiredException.

PolicyBuilderExtensions

Extensions for building the RequiredScope policy during application startup.

PrincipalExtensionsForSecurityTokens

Extensions to retrieve a SecurityToken from ClaimsPrincipal.

RequiredScopeExtensions

Extensions for building the required scope attribute during application startup.

RequiredScopeOrAppPermissionExtensions

Extensions for building the required scope or app permission attribute during application startup.

ScopeAuthorizationRequirement

Implements an IAuthorizationRequirement which requires at least one instance of the specified claim type, and, if allowed values are specified, the claim value must be any of the allowed values.

ScopeOrAppPermissionAuthorizationRequirement

Implements an IAuthorizationRequirement which requires at least one instance of the specified claim type, and, if allowed values are specified, the claim value must be any of the allowed values.

ServiceCollectionExtensions

Extensions for IServiceCollection for startup initialization of web APIs.

TokenAcquirerAppTokenCredential

Azure SDK token credential for App tokens based on the ITokenAcquisition service.

TokenAcquirerFactory

Factory of a token acquirer.

TokenAcquirerTokenCredential

Azure SDK token credential based on the ITokenAcquisition service.

TokenAcquisitionAppTokenCredential

Azure SDK token credential for App tokens based on the ITokenAcquisition service.

TokenAcquisitionExtensionOptions

Options for TokenAcquisition add-ins. These options consist in a set of events, that can be subscribed to by add-ins or parts of the add-ins.

TokenAcquisitionOptions

Options passed-in to create the token acquisition object which calls into MSAL .NET.

TokenAcquisitionTokenCredential

Azure SDK token credential based on the ITokenAcquisition service.

TokenCacheExtensions

Extension methods to expose a simplified developer experience for adding token caches to MSAL.NET confidential client applications in ASP.NET, or .NET Core, or .NET FW.

Interfaces

IAuthRequiredScopeMetadata

This is the metadata that describes required auth scopes for a given endpoint in a web API. It's the underlying data structure the requirement ScopeAuthorizationRequirement will look for in order to validate scopes in the scope claims.

IAuthRequiredScopeOrAppPermissionMetadata

This is the metadata that describes required auth scopes or app permissions for a given endpoint in a web API. It's the underlying data structure the requirement ScopeOrAppPermissionAuthorizationRequirement will look for in order to validate scopes in the scope claims or app permissions in the roles claim.

ICertificateLoader

Interface to implement loading of a certificate. Only use when loading a certificate from a daemon application, or an ASP NET app, using MSAL .NET directly. For an ASP NET Core app, Microsoft Identity Web will handle the certificate loading for you.

IConfidentialClientApplication app;
ICertificateLoader certificateLoader = new DefaultCertificateLoader();
    certificateLoader.LoadIfNeeded(config.CertificateDescription);

   app = ConfidentialClientApplicationBuilder.Create(config.ClientId)
          .WithCertificate(config.CertificateDescription.Certificate)
          .WithAuthority(new Uri(config.Authority))
          .Build();
IDownstreamWebApi

Interface used to call a downstream web API, for instance from controllers.

ILoginErrorAccessor

Provides access to get or set the current error status. The default implementation will use TempData and be enabled when run under Development.

IMicrosoftIdentityAuthenticationDelegatingHandlerFactory

Interface to a class that provides the DelegatingHandler that adds an authorization header with a token for the application.

ITokenAcquisition

Interface for the token acquisition service (encapsulating MSAL.NET).

Enums

CertificateSource

Source for a certificate.

Delegates

BeforeTokenAcquisitionForApp

Signature for token acquisition extensions that act on the request builder, for an app token

BeforeTokenAcquisitionForTestUser

Signature for token acquisition extensions that act on the request builder, for ROPC flow.