DefaultAzureCredentialOptions Class

Reference

Definition

Namespace:: Azure.Identity

Assembly:: Azure.Identity.dll

Package:: Azure.Identity v1.11.1

Package:: Azure.Identity v1.11.0-beta.1

Source:: DefaultAzureCredentialOptions.cs

Source:: DefaultAzureCredentialOptions.cs

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Options to configure the DefaultAzureCredential authentication flow and requests made to Azure Identity services.

public class DefaultAzureCredentialOptions : Azure.Identity.TokenCredentialOptions

type DefaultAzureCredentialOptions = class
    inherit TokenCredentialOptions

Public Class DefaultAzureCredentialOptions
Inherits TokenCredentialOptions

Inheritance: Object

ClientOptions

TokenCredentialOptions
DefaultAzureCredentialOptions

Constructors

DefaultAzureCredentialOptions()

Properties

AdditionallyAllowedTenants	Specifies tenants in addition to the specified TenantId for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the logged in account can access. If no value is specified for TenantId, this option will have no effect on that authentication method, and the credential will acquire tokens for any requested tenant when using that method. This value can also be set by setting the environment variable AZURE_ADDITIONALLY_ALLOWED_TENANTS.
AuthorityHost	The host of the Microsoft Entra authority. The default is https://login.microsoftonline.com/. For well known authority hosts for Azure cloud instances see AzureAuthorityHosts. (Inherited from TokenCredentialOptions)
CredentialProcessTimeout	Specifies timeout for credentials invoked via sub-process. e.g. Visual Studio, Azure CLI, Azure Powershell.
Diagnostics	Gets the credential diagnostic options. (Inherited from TokenCredentialOptions)
DisableInstanceDiscovery
ExcludeAzureCliCredential	Specifies whether the AzureCliCredential will be excluded from the DefaultAzureCredential authentication flow.
ExcludeAzureDeveloperCliCredential	Specifies whether the AzureDeveloperCliCredential will be excluded from the DefaultAzureCredential authentication flow.
ExcludeAzurePowerShellCredential	Specifies whether the AzurePowerShellCredential will be excluded from the DefaultAzureCredential authentication flow.
ExcludeEnvironmentCredential	Specifies whether the EnvironmentCredential will be excluded from the authentication flow. Setting to true disables reading authentication details from the process' environment variables.
ExcludeInteractiveBrowserCredential	Specifies whether the InteractiveBrowserCredential will be excluded from the DefaultAzureCredential authentication flow. Setting to true disables launching the default system browser to authenticate in development environments. The default is `true`.
ExcludeManagedIdentityCredential	Specifies whether the ManagedIdentityCredential will be excluded from the DefaultAzureCredential authentication flow. Setting to true disables authenticating with managed identity endpoints.
ExcludeSharedTokenCacheCredential	Specifies whether the SharedTokenCacheCredential will be excluded from the DefaultAzureCredential authentication flow. Setting to true disables single sign on authentication with development tools which write to the shared token cache. The default is `true`.
ExcludeVisualStudioCodeCredential	Specifies whether the VisualStudioCodeCredential will be excluded from the DefaultAzureCredential authentication flow. The default is `true`.
ExcludeVisualStudioCredential	Specifies whether the VisualStudioCredential will be excluded from the DefaultAzureCredential authentication flow.
ExcludeWorkloadIdentityCredential	Specifies whether the WorkloadIdentityCredential will be excluded from the authentication flow. Setting to true disables reading authentication details from the process' environment variables.
InteractiveBrowserCredentialClientId	Specifies the client id of the selected credential
IsUnsafeSupportLoggingEnabled	Gets or sets value indicating if ETW logging that contains potentially sensitive content should be logged. Setting this property to true will not disable redaction of Request Content. To enable logging of sensitive Content the IsLoggingContentEnabled property must be set to `true`. Setting this property to `true` equates to passing 'true' for the enablePiiLogging parameter to the 'WithLogging' method on the MSAL client builder. (Inherited from TokenCredentialOptions)
ManagedIdentityClientId	Specifies the client id of a user assigned ManagedIdentity. If this value is configured, then ManagedIdentityResourceId should not be configured.
ManagedIdentityResourceId	Specifies the resource id of a user assigned ManagedIdentity. If this value is configured, then ManagedIdentityClientId should not be configured.
Retry	Gets the client retry options. (Inherited from ClientOptions)
RetryPolicy	Gets or sets the policy to use for retries. If a policy is specified, it will be used in place of the Retry property. The RetryPolicy type can be derived from to modify the default behavior without needing to fully implement the retry logic. If Process(HttpMessage, ReadOnlyMemory<HttpPipelinePolicy>) is overridden or a custom HttpPipelinePolicy is specified, it is the implementer's responsibility to update the ProcessingContext values. (Inherited from ClientOptions)
SharedTokenCacheUsername	Specifies the preferred authentication account to be retrieved from the shared token cache for single sign on authentication with development tools. In the case multiple accounts are found in the shared token.
TenantId	The ID of the tenant to which the credential will authenticate by default. If not specified, the credential will authenticate to any requested tenant, and will default to the tenant to which the chosen authentication method was originally authenticated.
Transport	The HttpPipelineTransport to be used for this client. Defaults to an instance of HttpClientTransport. (Inherited from ClientOptions)
WorkloadIdentityClientId	Specifies the client id of the application the workload identity will authenticate.

Methods

AddPolicy(HttpPipelinePolicy, HttpPipelinePosition)

Adds an HttpPipeline policy into the client pipeline. The position of policy in the pipeline is controlled by the position parameter. If you want the policy to execute once per client request use PerCall otherwise use PerRetry to run the policy for every retry. Note that the same instance of policy would be added to all pipelines of client constructed using this ClientOptions object.

(Inherited from ClientOptions)

Applies to