Delen via


AuthenticationResult Class

Definition

Contains the results of one token acquisition operation in PublicClientApplication or ConfidentialClientApplication. For details see https://aka.ms/msal-net-authenticationresult

public class AuthenticationResult
type AuthenticationResult = class
Public Class AuthenticationResult
Inheritance
AuthenticationResult

Constructors

AuthenticationResult(String, Boolean, String, DateTimeOffset, DateTimeOffset, String, IAccount, String, IEnumerable<String>, Guid, AuthenticationResultMetadata, String)

Constructor meant to help application developers test their apps. Allows mocking of authentication flows. App developers should never new-up AuthenticationResult in product code.

AuthenticationResult(String, Boolean, String, DateTimeOffset, DateTimeOffset, String, IAccount, String, IEnumerable<String>, Guid, String, AuthenticationResultMetadata, ClaimsPrincipal, String, IReadOnlyDictionary<String,String>)

Constructor meant to help application developers test their apps. Allows mocking of authentication flows. App developers should never new-up AuthenticationResult in product code.

Properties

AccessToken

Access Token that can be used as a bearer token to access protected web APIs

Account

Gets the account information. Some elements in IAccount might be null if not returned by the service. The account can be passed back in some API overloads to identify which account should be used such as AcquireTokenSilent(IEnumerable<String>, IAccount) or RemoveAsync(IAccount) for instance

AdditionalResponseParameters

Exposes additional response parameters returned by the token issuer (AAD).

AuthenticationResultMetadata

Contains metadata for the Authentication result.

ClaimsPrincipal

All the claims present in the ID token.

CorrelationId

Gets the correlation id used for the request.

ExpiresOn

Gets the point in time in which the Access Token returned in the AccessToken property ceases to be valid. This value is calculated based on current UTC time measured locally and the value expiresIn received from the service.

ExtendedExpiresOn
Obsolete.

Gets the point in time in which the Access Token returned in the AccessToken property ceases to be valid in MSAL's extended LifeTime. This value is calculated based on current UTC time measured locally and the value ext_expiresIn received from the service.

IdToken

Gets the Id Token if returned by the service or null if no Id Token is returned.

IsExtendedLifeTimeToken
Obsolete.

In case when Azure AD has an outage, to be more resilient, it can return tokens with an expiration time, and also with an extended expiration time. The tokens are then automatically refreshed by MSAL when the time is more than the expiration time, except when ExtendedLifeTimeEnabled is true and the time is less than the extended expiration time. This goes in pair with Web APIs middleware which, when this extended life time is enabled, can accept slightly expired tokens. Client applications accept extended life time tokens only if the ExtendedLifeTimeEnabled Boolean is set to true on ClientApplicationBase.

Scopes

Gets the granted scope values returned by the service.

SpaAuthCode

Gets the SPA Authorization Code, if it was requested using WithSpaAuthorizationCode method on the AcquireTokenByAuthorizationCode builder. See https://aka.ms/msal-net/spa-auth-code for details.

TenantId

Gets an identifier for the Azure AD tenant from which the token was acquired. This property will be null if tenant information is not returned by the service.

TokenType

Identifies the type of access token. By default tokens returned by Azure Active Directory are Bearer tokens.
for getting an HTTP authorization header from an AuthenticationResult.

UniqueId

Gets the Unique Id of the account in this TenantId It is set as the oid (ObjectId) claim, or if that claim is null, as the sub (Subject) claim which is guaranteed not-null.

User
Obsolete.

In MSAL.NET 1.x, returned the user who signed in to get the authentication result. From MSAL 2.x rather use Account instead. See https://aka.ms/msal-net-2-released for more details.

Methods

CreateAuthorizationHeader()

Creates the content for an HTTP authorization header from this authentication result, so that you can call a protected API

Applies to