ConfidentialClientApplicationBuilder Class

Definition

public class ConfidentialClientApplicationBuilder : Microsoft.Identity.Client.AbstractApplicationBuilder<Microsoft.Identity.Client.ConfidentialClientApplicationBuilder>
type ConfidentialClientApplicationBuilder = class
    inherit AbstractApplicationBuilder<ConfidentialClientApplicationBuilder>
Public Class ConfidentialClientApplicationBuilder
Inherits AbstractApplicationBuilder(Of ConfidentialClientApplicationBuilder)
Inheritance

Methods

Build()

Builds the ConfidentialClientApplication from the parameters set in the builder

Create(String)

Creates a ConfidentialClientApplicationBuilder from a clientID. See https://aka.ms/msal-net-application-configuration

CreateWithApplicationOptions(ConfidentialClientApplicationOptions)

Constructor of a ConfidentialClientApplicationBuilder from application configuration options. See https://aka.ms/msal-net-application-configuration

WithAdfsAuthority(String, Boolean)

Adds a known Authority corresponding to an ADFS server. See https://aka.ms/msal-net-adfs

(Inherited from AbstractApplicationBuilder<T>)
WithAuthority(AadAuthorityAudience, Boolean)

Adds a known Azure AD authority to the application to sign-in users specifying the sign-in audience (the cloud being the Azure public cloud). See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractApplicationBuilder<T>)
WithAuthority(AzureCloudInstance, AadAuthorityAudience, Boolean)

Adds a known Azure AD authority to the application to sign-in users specifying the cloud instance and the sign-in audience. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractApplicationBuilder<T>)
WithAuthority(AzureCloudInstance, Guid, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its cloud instance and its tenant ID. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractApplicationBuilder<T>)
WithAuthority(AzureCloudInstance, String, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its cloud instance and its domain name or tenant ID. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractApplicationBuilder<T>)
WithAuthority(String, Boolean)

Adds a known Azure AD authority to the application to sign-in users specifying the full authority Uri. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractApplicationBuilder<T>)
WithAuthority(String, Guid, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) specified by its tenant ID. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractApplicationBuilder<T>)
WithAuthority(String, String, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its domain name. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractApplicationBuilder<T>)
WithAuthority(Uri, Boolean)

Adds a known authority to the application from its Uri. See https://aka.ms/msal-net-application-configuration. This constructor is mainly used for scenarios where the authority is not a standard Azure AD authority, nor an ADFS authority, nor an Azure AD B2C authority. For Azure AD, even in national and sovereign clouds, prefer using other overrides such as WithAuthority(AzureCloudInstance, AadAuthorityAudience, Boolean)

(Inherited from AbstractApplicationBuilder<T>)
WithAzureRegion(String)

Instructs MSAL.NET to use an Azure regional token service.

WithB2CAuthority(String)

Adds a known authority corresponding to an Azure AD B2C policy. See https://aka.ms/msal-net-b2c-specificities

(Inherited from AbstractApplicationBuilder<T>)
WithCacheSynchronization(Boolean)

When set to true, MSAL will lock cache access at the ConfidentialClientApplication level, i.e. the block of code between BeforeAccessAsync and AfterAccessAsync callbacks will be synchronized. Apps can set this flag to false to enable an optimistic cache locking strategy, which may result in better performance, especially when ConfidentialClientApplication objects are reused.

WithCertificate(X509Certificate2)

Sets the certificate associated with the application

WithClientAssertion(Func<String>)

Configures a delegate that creates a client assertion. See https://aka.ms/msal-net-client-assertion

WithClientAssertion(String)

Sets the application client assertion. See https://aka.ms/msal-net-client-assertion. This will create an assertion that will be held within the client application's memory for the duration of the client. You can use WithClientAssertion(Func<String>) to set a delegate that will be executed for each authentication request. This will allow you to update the client assertion used by the client application once the assertion expires.

WithClientCapabilities(IEnumerable<String>)

Microsoft Identity specific OIDC extension that allows resource challenges to be resolved without interaction. Allows configuration of one or more client capabilities, e.g. "llt"

(Inherited from AbstractApplicationBuilder<T>)
WithClientClaims(X509Certificate2, IDictionary<String,String>, Boolean)

Sets the certificate associated with the application along with the specific claims to sign. By default, this will merge the claimsToSign with the default required set of claims needed for authentication. If mergeWithDefaultClaims is set to false, you will need to provide the required default claims. See https://aka.ms/msal-net-client-assertion

WithClientId(String)

Sets the Client ID of the application

(Inherited from AbstractApplicationBuilder<T>)
WithClientName(String)

Sets the name of the calling application for telemetry purposes.

(Inherited from AbstractApplicationBuilder<T>)
WithClientSecret(String)

Sets the application secret

WithClientVersion(String)

Sets the version of the calling application for telemetry purposes.

(Inherited from AbstractApplicationBuilder<T>)
WithDebugLoggingCallback(LogLevel, Boolean, Boolean)

Sets the Debug logging callback to a default debug method which displays the level of the message and the message itself. For details see https://aka.ms/msal-net-logging

(Inherited from AbstractApplicationBuilder<T>)
WithExperimentalFeatures(Boolean)

Allows usage of experimental features and APIs. If this flag is not set, experimental features will throw an exception. For details see https://aka.ms/msal-net-experimental-features

(Inherited from AbstractApplicationBuilder<T>)
WithExtraQueryParameters(IDictionary<String,String>)

Sets Extra Query Parameters for the query string in the HTTP authentication request

(Inherited from AbstractApplicationBuilder<T>)
WithExtraQueryParameters(String)

Sets Extra Query Parameters for the query string in the HTTP authentication request

(Inherited from AbstractApplicationBuilder<T>)
WithHttpClientFactory(IMsalHttpClientFactory)

Uses a specific IMsalHttpClientFactory to communicate with the IdP. This enables advanced scenarios such as setting a proxy, or setting the Agent.

(Inherited from AbstractApplicationBuilder<T>)
WithInstanceDiscoveryMetadata(String)

Allows developers to configure their own valid authorities. A json string similar to https://aka.ms/aad-instance-discovery should be provided. MSAL uses this information to:

  • Call REST APIs on the environment specified in the preferred_network
  • Identify an environment under which to save tokens and accounts in the cache
  • Use the environment aliases to match tokens issued to other authorities
For more details see https://aka.ms/msal-net-custom-instance-metadata (Inherited from AbstractApplicationBuilder<T>)
WithInstanceDiscoveryMetadata(Uri)

Lets an organization setup their own service to handle instance discovery, which enables better caching for microservice/service environments. A Uri that returns a response similar to https://aka.ms/aad-instance-discovery should be provided. MSAL uses this information to:

  • Call REST APIs on the environment specified in the preferred_network
  • Identify an environment under which to save tokens and accounts in the cache
  • Use the environment aliases to match tokens issued to other authorities
For more details see https://aka.ms/msal-net-custom-instance-metadata (Inherited from AbstractApplicationBuilder<T>)
WithLegacyCacheCompatibility(Boolean)

Enables legacy ADAL cache serialization and deserialization.

(Inherited from AbstractApplicationBuilder<T>)
WithLogging(LogCallback, Nullable<LogLevel>, Nullable<Boolean>, Nullable<Boolean>)

Sets the logging callback. For details see https://aka.ms/msal-net-logging

(Inherited from AbstractApplicationBuilder<T>)
WithOptions(ApplicationOptions)

Sets application options, which can, for instance have been read from configuration files. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractApplicationBuilder<T>)
WithRedirectUri(String)

Sets the redirect URI of the application. See https://aka.ms/msal-net-application-configuration

(Inherited from AbstractApplicationBuilder<T>)
WithTelemetry(ITelemetryConfig)

Generate telemetry aggregation events.

(Inherited from AbstractApplicationBuilder<T>)
WithTenantId(String)

Sets the Tenant Id of the organization from which the application will let users sign-in. This is classically a GUID or a domain name. See https://aka.ms/msal-net-application-configuration. Although it is also possible to set tenantId to common, organizations, and consumers, it's recommended to use one of the overrides of WithAuthority(AzureCloudInstance, AadAuthorityAudience, Boolean)

(Inherited from AbstractApplicationBuilder<T>)

Applies to