EnvironmentCredential Class

Definition

Namespace:

Azure.Identity

Assembly:

Azure.Identity.dll

Package:

Azure.Identity v1.8.1

Package:

Azure.Identity v1.9.0-beta.1

Enables authentication to Azure Active Directory using client secret, or username and password, details configured in the following environment variables:

Variable	Description
AZURE_TENANT_ID	The Azure Active Directory tenant(directory) ID.
AZURE_CLIENT_ID	The client(application) ID of an App Registration in the tenant.
AZURE_CLIENT_SECRET	A client secret that was generated for the App Registration.
AZURE_CLIENT_CERTIFICATE_PATH	A path to certificate and private key pair in PEM or PFX format, which can authenticate the App Registration.
AZURE_CLIENT_SEND_CERTIFICATE_CHAIN	Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to `true` or `1`, authentication requests include the x5c header.
AZURE_USERNAME	The username, also known as upn, of an Azure Active Directory user account.
AZURE_PASSWORD	The password of the Azure Active Directory user account. Note this does not support accounts with MFA enabled.

This credential ultimately uses a ClientSecretCredential, ClientCertificateCredential, or UsernamePasswordCredential to perform the authentication using these details. Please consult the documentation of that class for more details.

public class EnvironmentCredential : Azure.Core.TokenCredential

type EnvironmentCredential = class
    inherit TokenCredential

Public Class EnvironmentCredential
Inherits TokenCredential

Inheritance

Object

TokenCredential

EnvironmentCredential

Constructors

EnvironmentCredential()	Creates an instance of the EnvironmentCredential class and reads client secret details from environment variables. If the expected environment variables are not found at this time, the GetToken method will return the default AccessToken when invoked.
EnvironmentCredential(TokenCredentialOptions)	Creates an instance of the EnvironmentCredential class and reads client secret details from environment variables. If the expected environment variables are not found at this time, the GetToken method will return the default AccessToken when invoked.

Methods

GetToken(TokenRequestContext, CancellationToken)

Obtains a token from the Azure Active Directory service, using the specified client details specified in the environment variables AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD to authenticate. Acquired tokens are cached by the credential instance. Token lifetime and refreshing is handled automatically. Where possible, reuse credential instances to optimize cache effectiveness.

GetTokenAsync(TokenRequestContext, CancellationToken)

Obtains a token from the Azure Active Directory service, using the specified client details specified in the environment variables AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD to authenticate. Acquired tokens are cached by the credential instance. Token lifetime and refreshing is handled automatically. Where possible, reuse credential instances to optimize cache effectiveness.