AuthenticationResult Class

Definition

Contains the results of one token acquisition operation in PublicClientApplication or ConfidentialClientApplication. For details see https://aka.ms/msal-net-authenticationresult

public class AuthenticationResult
type AuthenticationResult = class
Public Class AuthenticationResult
Inheritance
AuthenticationResult

Constructors

AuthenticationResult(String, Boolean, String, DateTimeOffset, DateTimeOffset, String, IAccount, String, IEnumerable<String>, Guid, String)

Constructor meant to help application developers test their apps. Allows mocking of authentication flows. App developers should never new-up AuthenticationResult in product code.

Properties

AccessToken

Access Token that can be used as a bearer token to access protected web APIs

Account

Gets the account information. Some elements in IAccount might be null if not returned by the service. The account can be passed back in some API overloads to identify which account should be used such as AcquireTokenSilent(IEnumerable<String>, IAccount) or RemoveAsync(IAccount) for instance

CorrelationId

Gets the correlation id used for the request.

ExpiresOn

Gets the point in time in which the Access Token returned in the AccessToken property ceases to be valid. This value is calculated based on current UTC time measured locally and the value expiresIn received from the service.

ExtendedExpiresOn

Gets the point in time in which the Access Token returned in the AccessToken property ceases to be valid in MSAL's extended LifeTime. This value is calculated based on current UTC time measured locally and the value ext_expiresIn received from the service.

IdToken

Gets the Id Token if returned by the service or null if no Id Token is returned.

IsExtendedLifeTimeToken

In case when Azure AD has an outage, to be more resilient, it can return tokens with an expiration time, and also with an extended expiration time. The tokens are then automatically refreshed by MSAL when the time is more than the expiration time, except when ExtendedLifeTimeEnabled is true and the time is less than the extended expiration time. This goes in pair with Web APIs middleware which, when this extended life time is enabled, can accept slightly expired tokens. Client applications accept extended life time tokens only if the ExtendedLifeTimeEnabled Boolean is set to true on ClientApplicationBase.

Scopes

Gets the granted scope values returned by the service.

TenantId

Gets an identifier for the Azure AD tenant from which the token was acquired. This property will be null if tenant information is not returned by the service.

UniqueId

Gets the Unique Id of the account. It can be null. When the IdToken is not null, this is its ID, that is its ObjectId claim, or if that claim is null, the Subject claim.

Methods

CreateAuthorizationHeader()

Creates the content for an HTTP authorization header from this authentication result, so that you can call a protected API

Applies to