Share via


SharedTokenCacheCredentialBrokerOptions Class

Definition

Options to configure the SharedTokenCacheCredential to use the system authentication broker for silent authentication if available.

public class SharedTokenCacheCredentialBrokerOptions : Azure.Identity.SharedTokenCacheCredentialOptions
type SharedTokenCacheCredentialBrokerOptions = class
    inherit SharedTokenCacheCredentialOptions
Public Class SharedTokenCacheCredentialBrokerOptions
Inherits SharedTokenCacheCredentialOptions
Inheritance

Constructors

SharedTokenCacheCredentialBrokerOptions()

Initializes a new instance of SharedTokenCacheCredentialBrokerOptions.

SharedTokenCacheCredentialBrokerOptions(TokenCachePersistenceOptions)

Initializes a new instance of SharedTokenCacheCredentialBrokerOptions.

Properties

AuthenticationRecord

The AuthenticationRecord captured from a previous authentication with an interactive credential, such as the InteractiveBrowserCredential or DeviceCodeCredential.

(Inherited from SharedTokenCacheCredentialOptions)
AuthorityHost

The host of the Microsoft Entra authority. The default is https://login.microsoftonline.com/. For well known authority hosts for Azure cloud instances see AzureAuthorityHosts.

(Inherited from TokenCredentialOptions)
ClientId

The client id of the application registration used to authenticate users in the cache.

(Inherited from SharedTokenCacheCredentialOptions)
Diagnostics

Gets the credential diagnostic options.

(Inherited from TokenCredentialOptions)
DisableInstanceDiscovery

Gets or sets the setting which determines whether or not instance discovery is performed when attempting to authenticate. Setting this to true will completely disable both instance discovery and authority validation. This functionality is intended for use in scenarios where the metadata endpoint cannot be reached, such as in private clouds or Azure Stack. The process of instance discovery entails retrieving authority metadata from https://login.microsoft.com/ to validate the authority. By setting this to true, the validation of the authority is disabled. As a result, it is crucial to ensure that the configured authority host is valid and trustworthy."

(Inherited from SharedTokenCacheCredentialOptions)
EnableGuestTenantAuthentication

When set to true the SharedTokenCacheCredential can be used to authenticate to tenants other than the home tenant, requiring Username and TenantId also to be specified as well.

(Inherited from SharedTokenCacheCredentialOptions)
IsMsaPassthroughEnabled

Gets or sets whether Microsoft Account (MSA) passthough.

IsUnsafeSupportLoggingEnabled

Gets or sets value indicating if ETW logging that contains potentially sensitive content should be logged. Setting this property to true will not disable redaction of Request Content. To enable logging of sensitive Content the IsLoggingContentEnabled property must be set to true. Setting this property to true equates to passing 'true' for the enablePiiLogging parameter to the 'WithLogging' method on the MSAL client builder.

(Inherited from TokenCredentialOptions)
Retry

Gets the client retry options.

(Inherited from ClientOptions)
RetryPolicy

Gets or sets the policy to use for retries. If a policy is specified, it will be used in place of the Retry property. The RetryPolicy type can be derived from to modify the default behavior without needing to fully implement the retry logic. If Process(HttpMessage, ReadOnlyMemory<HttpPipelinePolicy>) is overridden or a custom HttpPipelinePolicy is specified, it is the implementer's responsibility to update the ProcessingContext values.

(Inherited from ClientOptions)
TenantId

Specifies the tenant id of the preferred authentication account, to be retrieved from the shared token cache for single sign on authentication with development tools, in the case multiple accounts are found in the shared token.

(Inherited from SharedTokenCacheCredentialOptions)
TokenCachePersistenceOptions

Specifies the TokenCachePersistenceOptions to be used by the credential. Value cannot be null.

(Inherited from SharedTokenCacheCredentialOptions)
Transport

The HttpPipelineTransport to be used for this client. Defaults to an instance of HttpClientTransport.

(Inherited from ClientOptions)
Username

Specifies the preferred authentication account username, or UPN, to be retrieved from the shared token cache for single sign on authentication with development tools, in the case multiple accounts are found in the shared token.

(Inherited from SharedTokenCacheCredentialOptions)

Methods

AddPolicy(HttpPipelinePolicy, HttpPipelinePosition)

Adds an HttpPipeline policy into the client pipeline. The position of policy in the pipeline is controlled by the position parameter. If you want the policy to execute once per client request use PerCall otherwise use PerRetry to run the policy for every retry. Note that the same instance of policy would be added to all pipelines of client constructed using this ClientOptions object.

(Inherited from ClientOptions)

Applies to