TokenAcquisitionOptions Class

Reference

Definition

Namespace:: Microsoft.Identity.Web

Assembly:: Microsoft.Identity.Web.TokenAcquisition.dll

Package:: Microsoft.Identity.Web.TokenAcquisition v2.18.1

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Options passed-in to create the token acquisition object which calls into MSAL .NET.

public class TokenAcquisitionOptions : Microsoft.Identity.Abstractions.AcquireTokenOptions

type TokenAcquisitionOptions = class
    inherit AcquireTokenOptions

Public Class TokenAcquisitionOptions
Inherits AcquireTokenOptions

Inheritance: Object

AcquireTokenOptions
TokenAcquisitionOptions

Constructors

TokenAcquisitionOptions()

Properties

AuthenticationOptionsName	Gets the name of the options describing the confidential client application (ClientID, Region, Authority, client credentials). In ASP.NET Core, the authenticatiopn options name is the same as the authentication scheme. (Inherited from AcquireTokenOptions)
CancellationToken	Cancellation token to be used when calling the token acquisition methods.
Claims	A string with one or multiple claims to request. It's a json blob (encoded or not) Normally used with Conditional Access. It receives the Claims member of the UiRequiredException. It can also be used to request specific optional claims, and for CA Auth context (Inherited from AcquireTokenOptions)
CorrelationId	Sets the correlation ID to be used in the request to the STS "/token" endpoint. (Inherited from AcquireTokenOptions)
ExtraHeadersParameters	(Inherited from AcquireTokenOptions)
ExtraQueryParameters	Sets query parameters for the query string in the HTTP request to the "/token" endpoint. (Inherited from AcquireTokenOptions)
ForceRefresh	Specifies if the token request will ignore the access token in the token cache and will attempt to acquire a new access token. If `true`, the request will ignore the token cache. The default is `false`. Use this option with care and only when needed, for instance, if you know that conditional access policies have changed, for it induces performance degradation, as the token cache is not utilized, and the STS might throttle the app. (Inherited from AcquireTokenOptions)
LongRunningWebApiSessionKey	Key used for long running web APIs that need to call downstream web APIs on behalf of the user. Can be null, if you are not developing a long running web API, LongRunningWebApiSessionKeyAuto if you want the token acquirer to allocate a session key for you, or your own string if you want to associate the session with some information you have externally (for instance a Microsoft Graph hook identifier). (Inherited from AcquireTokenOptions)
ManagedIdentity	When ManagedIdentity is set, the application uses a managed identity instead of client credentials to acquire an app token. To use a system-assigned identity, simply leave UserAssignedClientId null. To use a user-assigned identity, set UserAssignedClientId to the ClientID of the user-assigned identity you want to use. Using either form of managed identity requires the application to be deployed on Azure and the managed identity to be configured. For more details, check the managed identities for Azure documentation. (Inherited from AcquireTokenOptions)
PopClaim	In addition to the PopPublicKey, specify the PopClaim when needed in specific POP protocols. (Inherited from AcquireTokenOptions)
PoPConfiguration	Modifies the token acquisition request so that the acquired token is a Proof of Possession token (PoP), rather than a Bearer token. PoP tokens are similar to Bearer tokens, but are bound to the HTTP request and to a cryptographic key, which MSAL can manage. See https://aka.ms/msal-net-pop.
PopPublicKey	Modifies the token acquisition request so that the acquired token is a Proof of Possession token (PoP), rather than a Bearer token. PoP tokens are similar to Bearer tokens, but are bound to the HTTP request and to a cryptographic key, which MSAL can manage. See https://aka.ms/msal-net-pop. (Inherited from AcquireTokenOptions)
Tenant	(Microsoft identity specific) Enables to override the tenant/account for which to get a token. This is useful in multi-tenant apps in the cases where a given user account is a guest in other tenants, and you want to acquire tokens for a specific tenant. (Inherited from AcquireTokenOptions)
UserFlow	(Microsoft identity specific) In the case of AzureAD B2C, uses a particular user flow. (Inherited from AcquireTokenOptions)

Methods

Clone()

Clone the options (to be able to override them).

Applies to