TokenCachePersistenceOptions Class

Options for persistent token caching.

Most credentials accept an instance of this class to configure persistent token caching. The default values configure a credential to use a cache shared with Microsoft developer tools and SharedTokenCacheCredential. To isolate a credential's data from other applications, specify a name for the cache.

By default, the cache is encrypted with the current platform's user data protection API, and will raise an error when this is not available. To configure the cache to fall back to an unencrypted file instead of raising an error, specify allow_unencrypted_storage=True.

Warning

The cache contains authentication secrets. If the cache is not encrypted, protecting it is the

application's responsibility. A breach of its contents will fully compromise accounts.

Configuring a credential for persistent caching

cache_options = TokenCachePersistenceOptions()

credential = InteractiveBrowserCredential(cache_persistence_options=cache_options)

specify a cache name to isolate the cache from other applications

TokenCachePersistenceOptions(name="my_application")

configure the cache to fall back to unencrypted storage when encryption isn't available

TokenCachePersistenceOptions(allow_unencrypted_storage=True)

Inheritance
builtins.object
TokenCachePersistenceOptions

Constructor

TokenCachePersistenceOptions(**kwargs)

Parameters

name
str

name of the cache, used to isolate its data from other applications. Defaults to the name of the cache shared by Microsoft dev tools and SharedTokenCacheCredential.

allow_unencrypted_storage
bool

whether the cache should fall back to storing its data in plain text when encryption isn't possible. False by default. Setting this to True does not disable encryption. The cache will always try to encrypt its data.