AcquireTokenForClientParameterBuilder Class

Definition

Builder for AcquireTokenForClient (used in client credential flows, in daemon applications). See https://aka.ms/msal-net-client-credentials

public sealed class AcquireTokenForClientParameterBuilder : Microsoft.Identity.Client.AbstractConfidentialClientAcquireTokenParameterBuilder<Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder>
type AcquireTokenForClientParameterBuilder = class
    inherit AbstractConfidentialClientAcquireTokenParameterBuilder<AcquireTokenForClientParameterBuilder>
Public NotInheritable Class AcquireTokenForClientParameterBuilder
Inherits AbstractConfidentialClientAcquireTokenParameterBuilder(Of AcquireTokenForClientParameterBuilder)
Inheritance

Methods

ExecuteAsync()

Executes the Token request asynchronously.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
ExecuteAsync(CancellationToken)

Executes the Token request asynchronously, with a possibility of canceling the asynchronous method.

(Inherited from AbstractConfidentialClientAcquireTokenParameterBuilder<T>)
Validate()

Validates the parameters of the AcquireToken operation.

(Inherited from AbstractConfidentialClientAcquireTokenParameterBuilder<T>)
WithAdfsAuthority(String, Boolean)

Adds a known Authority corresponding to an ADFS server. See https://aka.ms/msal-net-adfs.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(AadAuthorityAudience, Boolean)

Adds a known Azure AD authority to the application to sign-in users specifying the sign-in audience (the cloud being the Azure public cloud). See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(AzureCloudInstance, AadAuthorityAudience, Boolean)

Adds a known Azure AD authority to the application to sign-in users specifying the cloud instance and the sign-in audience. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(AzureCloudInstance, Guid, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its cloud instance and its tenant ID. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(AzureCloudInstance, String, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its cloud instance and its domain name or tenant ID. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(String, Boolean)

Specific authority for which the token is requested. Passing a different value than configured at the application constructor narrows down the selection to a specific tenant. This does not change the configured value in the application. This is specific to applications managing several accounts (like a mail client with several mailboxes). See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(String, Guid, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) specified by its tenant ID. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithAuthority(String, String, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its domain name. See https://aka.ms/msal-net-application-configuration.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithB2CAuthority(String)

Adds a known authority corresponding to an Azure AD B2C policy. See https://aka.ms/msal-net-b2c-specificities

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithClaims(String)

Sets claims in the query. Use when the AAD admin has enabled conditional access. Acquiring the token normally will result in a MsalUiRequiredException with the Claims property set. Retry the token acquisition, and use this value in the WithClaims(String) method. See https://aka.ms/msal-exceptions for details as well as https://aka.ms/msal-net-claim-challenge.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithCorrelationId(Guid)

Sets the correlation id to be used in the authentication request. Used to track a request in the logs of both the SDK and the Identity Provider service. If not set, a random one will be generated.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithExtraQueryParameters(Dictionary<String,String>)

Sets Extra Query Parameters for the query string in the HTTP authentication request.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithExtraQueryParameters(String)

Sets Extra Query Parameters for the query string in the HTTP authentication request.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithForceRefresh(Boolean)

Specifies if the token request will ignore the access token in the application token cache and will attempt to acquire a new access token using client credentials. By default the token is taken from the application token cache (forceRefresh=false)

WithProofOfPossession(PoPAuthenticationConfiguration)

Modifies the token acquisition request so that the acquired token is a Proof of Possession token (PoP), rather than a Bearer token. PoP tokens are similar to Bearer tokens, but are bound to the HTTP request and to a cryptographic key, which MSAL can manage on Windows. See https://aka.ms/msal-net-pop

(Inherited from AbstractConfidentialClientAcquireTokenParameterBuilder<T>)
WithScopes(IEnumerable<String>)

Specifies which scopes to request. This method is used when your application needs to specify the scopes needed to call a protected API. See https://docs.microsoft.com/azure/active-directory/develop/v2-permissions-and-consent to learn more about scopes, permissions and consent, and https://docs.microsoft.com/azure/active-directory/develop/msal-v1-app-scopes to learn how to create scopes for legacy applications which used to expose OAuth2 permissions.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)
WithSendX5C(Boolean)

Applicable to first-party applications only, this method also allows to specify if the x5c claim should be sent to Azure AD. Sending the x5c enables application developers to achieve easy certificate roll-over in Azure AD: this method will send the certificate chain to Azure AD along with the token request, so that Azure AD can use it to validate the subject name based on a trusted issuer policy. This saves the application admin from the need to explicitly manage the certificate rollover (either via portal or PowerShell/CLI operation). For details see https://aka.ms/msal-net-sni

WithTenantId(String)

Overrides the tenant ID specified in the authority at the application level. This operation preserves the authority host (environment).

If an authority was not specified at the application level, the default used is https://login.microsoftonline.com/common.

(Inherited from AbstractAcquireTokenParameterBuilder<T>)

Extension Methods

WithExtraHttpHeaders<T>(AbstractAcquireTokenParameterBuilder<T>, IDictionary<String,String>)

Adds additional Http Headers to the token request.

OnBeforeTokenRequest<T>(AbstractAcquireTokenParameterBuilder<T>, Func<OnBeforeTokenRequestData,Task>)

Intervenes in the request pipeline, by executing a user provided delegate before MSAL makes the token request. The delegate can modify the request payload by adding or removing body parameters and headers. OnBeforeTokenRequestData

WithProofOfPosessionKeyId(AcquireTokenForClientParameterBuilder, String)

Binds the token to a key in the cache. L2 cache keys contain the key id. No cryptographic operations is performed on the token.

Applies to