EnvironmentCredential Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Enables authentication to Microsoft Entra ID using a client secret or certificate.
Configuration is attempted in this order, using these environment variables:
Service principal with secret:| Variable | Description |
|---|---|
| AZURE_TENANT_ID | The Microsoft Entra tenant (directory) ID. |
| AZURE_CLIENT_ID | The client (application) ID of an App Registration in the tenant. |
| AZURE_CLIENT_SECRET | A client secret that was generated for the App Registration. |
| Variable | Description |
|---|---|
| AZURE_TENANT_ID | The Microsoft Entra tenant (directory) ID. |
| AZURE_CLIENT_ID | The client (application) ID of an App Registration in the tenant. |
| AZURE_CLIENT_CERTIFICATE_PATH | A path to certificate and private key pair in PEM or PFX format, which can authenticate the App Registration. |
| AZURE_CLIENT_CERTIFICATE_PASSWORD | (Optional) The password protecting the certificate file (currently only supported for PFX (PKCS12) certificates). |
| AZURE_CLIENT_SEND_CERTIFICATE_CHAIN | (Optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to `true` or `1`, authentication requests include the x5c header. |
| Variable | Description |
|---|---|
| AZURE_TENANT_ID | The Microsoft Entra tenant (directory) ID. |
| AZURE_CLIENT_ID | The client (application) ID of an App Registration in the tenant. |
This credential ultimately uses a ClientSecretCredential or ClientCertificateCredential to perform the authentication using these details. Please consult the documentation of those classes for more details.
public class EnvironmentCredential : Azure.Core.TokenCredentialtype EnvironmentCredential = class
inherit TokenCredentialPublic Class EnvironmentCredential
Inherits TokenCredential- Inheritance
Constructors
| EnvironmentCredential() |
Creates an instance of the EnvironmentCredential class and reads client secret details from environment variables. If the expected environment variables are not found at this time, the GetToken method will return the default AccessToken when invoked. |
| EnvironmentCredential(EnvironmentCredentialOptions) |
Creates an instance of the EnvironmentCredential class and reads client secret details from environment variables. If the expected environment variables are not found at this time, the GetToken method will return the default AccessToken when invoked. |
Methods
| CreateTokenOptions(IReadOnlyDictionary<String,Object>) |
Creates a new instance of GetTokenOptions using the provided |
| GetToken(GetTokenOptions, CancellationToken) |
Gets an AuthenticationToken for the provided |
| GetToken(TokenRequestContext, CancellationToken) |
Obtains a token from Microsoft Entra ID, using the client details specified in the environment variables AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET to authenticate. Acquired tokens are cached by the credential instance. Token lifetime and refreshing is handled automatically. Where possible, reuse credential instances to optimize cache effectiveness. |
| GetTokenAsync(GetTokenOptions, CancellationToken) |
Gets an AuthenticationToken for the provided |
| GetTokenAsync(TokenRequestContext, CancellationToken) |
Obtains a token from Microsoft Entra ID, using the client details specified in the environment variables AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET to authenticate. Acquired tokens are cached by the credential instance. Token lifetime and refreshing is handled automatically. Where possible, reuse credential instances to optimize cache effectiveness. |
