DefaultAzureCredential Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Provides a default TokenCredential authentication flow for applications that will be deployed to Azure. The following credential types if enabled will be tried, in order:
Consult the documentation of these credential types for more information on how they attempt authentication.public class DefaultAzureCredential : Azure.Core.TokenCredentialtype DefaultAzureCredential = class
inherit TokenCredentialPublic Class DefaultAzureCredential
Inherits TokenCredential- Inheritance
Examples
This example demonstrates authenticating the BlobClient from the Azure.Storage.Blobs client library using the DefaultAzureCredential, deployed to an Azure resource with a user assigned managed identity configured.
// When deployed to an azure host, the default azure credential will authenticate the specified user assigned managed identity.
string userAssignedClientId = "<your managed identity client Id>";
var credential = new DefaultAzureCredential(new DefaultAzureCredentialOptions { ManagedIdentityClientId = userAssignedClientId });
var blobClient = new BlobClient(new Uri("https://myaccount.blob.core.windows.net/mycontainer/myblob"), credential);
Remarks
Note that credentials requiring user interaction, such as the InteractiveBrowserCredential, are not included by default. Callers must explicitly enable this when constructing the DefaultAzureCredential either by setting the includeInteractiveCredentials parameter to true, or the setting the ExcludeInteractiveBrowserCredential property to false when passing DefaultAzureCredentialOptions.
Constructors
| DefaultAzureCredential(Boolean) |
Creates an instance of the DefaultAzureCredential class. |
| DefaultAzureCredential(DefaultAzureCredentialOptions) |
Creates an instance of the DefaultAzureCredential class. |
Methods
| GetToken(TokenRequestContext, CancellationToken) |
Sequentially calls GetToken(TokenRequestContext, CancellationToken) on all the included credentials in the order EnvironmentCredential, ManagedIdentityCredential, SharedTokenCacheCredential, and InteractiveBrowserCredential returning the first successfully obtained AccessToken. Acquired tokens are cached by the credential instance. Token lifetime and refreshing is handled automatically. Where possible, reuse credential instances to optimize cache effectiveness. |
| GetTokenAsync(TokenRequestContext, CancellationToken) |
Sequentially calls GetToken(TokenRequestContext, CancellationToken) on all the included credentials in the order EnvironmentCredential, ManagedIdentityCredential, SharedTokenCacheCredential, and InteractiveBrowserCredential returning the first successfully obtained AccessToken. Acquired tokens are cached by the credential instance. Token lifetime and refreshing is handled automatically. Where possible, reuse credential instances to optimize cache effectiveness. |
Applies to
Azure SDK for .NET
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for