AbstractApplicationBuilder<T>.WithAuthority Method

Definition

Overloads

WithAuthority(AadAuthorityAudience, Boolean)

Adds a known Azure AD authority to the application to sign-in users specifying the sign-in audience (the cloud being the Azure public cloud). See https://aka.ms/msal-net-application-configuration.

WithAuthority(String, Boolean)

Adds a known Azure AD authority to the application to sign-in users specifying the full authority Uri. See https://aka.ms/msal-net-application-configuration.

WithAuthority(Uri, Boolean)

Adds a known authority to the application from its Uri. See https://aka.ms/msal-net-application-configuration. This constructor is mainly used for scenarios where the authority is not a standard Azure AD authority, nor an ADFS authority, nor an Azure AD B2C authority. For Azure AD, even in national and sovereign clouds, prefer using other overrides such as WithAuthority(AzureCloudInstance, AadAuthorityAudience, Boolean)

WithAuthority(AzureCloudInstance, AadAuthorityAudience, Boolean)

Adds a known Azure AD authority to the application to sign-in users specifying the cloud instance and the sign-in audience. See https://aka.ms/msal-net-application-configuration.

WithAuthority(AzureCloudInstance, Guid, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its cloud instance and its tenant ID. See https://aka.ms/msal-net-application-configuration.

WithAuthority(AzureCloudInstance, String, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its cloud instance and its domain name or tenant ID. See https://aka.ms/msal-net-application-configuration.

WithAuthority(String, Guid, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) specified by its tenant ID. See https://aka.ms/msal-net-application-configuration.

WithAuthority(String, String, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its domain name. See https://aka.ms/msal-net-application-configuration.

WithAuthority(AadAuthorityAudience, Boolean)

Adds a known Azure AD authority to the application to sign-in users specifying the sign-in audience (the cloud being the Azure public cloud). See https://aka.ms/msal-net-application-configuration.

public T WithAuthority (Microsoft.Identity.Client.AadAuthorityAudience authorityAudience, bool validateAuthority = true);
member this.WithAuthority : Microsoft.Identity.Client.AadAuthorityAudience * bool -> 'T
Public Function WithAuthority (authorityAudience As AadAuthorityAudience, Optional validateAuthority As Boolean = true) As T

Parameters

authorityAudience
AadAuthorityAudience

Sign-in audience (one AAD organization, any work and school accounts, or any work and school accounts and Microsoft personal accounts

validateAuthority
Boolean

Whether the authority should be validated against the server metadata.

Returns

T

The builder to chain the .With methods

Applies to

WithAuthority(String, Boolean)

Adds a known Azure AD authority to the application to sign-in users specifying the full authority Uri. See https://aka.ms/msal-net-application-configuration.

public T WithAuthority (string authorityUri, bool validateAuthority = true);
member this.WithAuthority : string * bool -> 'T
Public Function WithAuthority (authorityUri As String, Optional validateAuthority As Boolean = true) As T

Parameters

authorityUri
String

URL of the security token service (STS) from which MSAL.NET will acquire the tokens. Usual authorities endpoints for the Azure public Cloud are:

  • https://login.microsoftonline.com/tenant/ where tenant is the tenant ID of the Azure AD tenant or a domain associated with this Azure AD tenant, in order to sign-in users of a specific organization only
  • https://login.microsoftonline.com/common/ to sign-in users with any work and school accounts or Microsoft personal account
  • https://login.microsoftonline.com/organizations/ to sign-in users with any work and school accounts
  • https://login.microsoftonline.com/consumers/ to sign-in users with only personal Microsoft accounts (live)
Note that this setting needs to be consistent with what is declared in the application registration portal
validateAuthority
Boolean

Whether the authority should be validated against the server metadata.

Returns

T

The builder to chain the .With methods

Applies to

WithAuthority(Uri, Boolean)

Adds a known authority to the application from its Uri. See https://aka.ms/msal-net-application-configuration. This constructor is mainly used for scenarios where the authority is not a standard Azure AD authority, nor an ADFS authority, nor an Azure AD B2C authority. For Azure AD, even in national and sovereign clouds, prefer using other overrides such as WithAuthority(AzureCloudInstance, AadAuthorityAudience, Boolean)

public T WithAuthority (Uri authorityUri, bool validateAuthority = true);
member this.WithAuthority : Uri * bool -> 'T
Public Function WithAuthority (authorityUri As Uri, Optional validateAuthority As Boolean = true) As T

Parameters

authorityUri
Uri

Uri of the authority

validateAuthority
Boolean

Whether the authority should be validated against the server metadata.

Returns

T

The builder to chain the .With methods

Applies to

WithAuthority(AzureCloudInstance, AadAuthorityAudience, Boolean)

Adds a known Azure AD authority to the application to sign-in users specifying the cloud instance and the sign-in audience. See https://aka.ms/msal-net-application-configuration.

public T WithAuthority (Microsoft.Identity.Client.AzureCloudInstance azureCloudInstance, Microsoft.Identity.Client.AadAuthorityAudience authorityAudience, bool validateAuthority = true);
member this.WithAuthority : Microsoft.Identity.Client.AzureCloudInstance * Microsoft.Identity.Client.AadAuthorityAudience * bool -> 'T
Public Function WithAuthority (azureCloudInstance As AzureCloudInstance, authorityAudience As AadAuthorityAudience, Optional validateAuthority As Boolean = true) As T

Parameters

azureCloudInstance
AzureCloudInstance

Instance of Azure Cloud (for instance Azure worldwide cloud, Azure German Cloud, US government ...)

authorityAudience
AadAuthorityAudience

Sign-in audience (one AAD organization, any work and school accounts, or any work and school accounts and Microsoft personal accounts

validateAuthority
Boolean

Whether the authority should be validated against the server metadata.

Returns

T

The builder to chain the .With methods

Applies to

WithAuthority(AzureCloudInstance, Guid, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its cloud instance and its tenant ID. See https://aka.ms/msal-net-application-configuration.

public T WithAuthority (Microsoft.Identity.Client.AzureCloudInstance azureCloudInstance, Guid tenantId, bool validateAuthority = true);
member this.WithAuthority : Microsoft.Identity.Client.AzureCloudInstance * Guid * bool -> 'T
Public Function WithAuthority (azureCloudInstance As AzureCloudInstance, tenantId As Guid, Optional validateAuthority As Boolean = true) As T

Parameters

azureCloudInstance
AzureCloudInstance

Instance of Azure Cloud (for instance Azure worldwide cloud, Azure German Cloud, US government ...)

tenantId
Guid

Tenant Id of the tenant from which to sign-in users

validateAuthority
Boolean

Whether the authority should be validated against the server metadata.

Returns

T

The builder to chain the .With methods

Applies to

WithAuthority(AzureCloudInstance, String, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its cloud instance and its domain name or tenant ID. See https://aka.ms/msal-net-application-configuration.

public T WithAuthority (Microsoft.Identity.Client.AzureCloudInstance azureCloudInstance, string tenant, bool validateAuthority = true);
member this.WithAuthority : Microsoft.Identity.Client.AzureCloudInstance * string * bool -> 'T
Public Function WithAuthority (azureCloudInstance As AzureCloudInstance, tenant As String, Optional validateAuthority As Boolean = true) As T

Parameters

azureCloudInstance
AzureCloudInstance

Instance of Azure Cloud (for instance Azure worldwide cloud, Azure German Cloud, US government ...).

tenant
String

Domain name associated with the Azure AD tenant from which to sign-in users. This can also be a GUID.

validateAuthority
Boolean

Whether the authority should be validated against the server metadata.

Returns

T

The builder to chain the .With methods.

Applies to

WithAuthority(String, Guid, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) specified by its tenant ID. See https://aka.ms/msal-net-application-configuration.

public T WithAuthority (string cloudInstanceUri, Guid tenantId, bool validateAuthority = true);
member this.WithAuthority : string * Guid * bool -> 'T
Public Function WithAuthority (cloudInstanceUri As String, tenantId As Guid, Optional validateAuthority As Boolean = true) As T

Parameters

cloudInstanceUri
String

Azure Cloud instance.

tenantId
Guid

GUID of the tenant from which to sign-in users.

validateAuthority
Boolean

Whether the authority should be validated against the server metadata.

Returns

T

The builder to chain the .With methods.

Applies to

WithAuthority(String, String, Boolean)

Adds a known Azure AD authority to the application to sign-in users from a single organization (single tenant application) described by its domain name. See https://aka.ms/msal-net-application-configuration.

public T WithAuthority (string cloudInstanceUri, string tenant, bool validateAuthority = true);
member this.WithAuthority : string * string * bool -> 'T
Public Function WithAuthority (cloudInstanceUri As String, tenant As String, Optional validateAuthority As Boolean = true) As T

Parameters

cloudInstanceUri
String

Uri to the Azure Cloud instance (for instance https://login.microsoftonline.com)

tenant
String

domain name associated with the tenant from which to sign-in users

validateAuthority
Boolean

Whether the authority should be validated against the server metadata.

Returns

T

The builder to chain the .With methods

Remarks

tenant can also contain the string representation of a GUID (tenantId), or even common, organizations or consumers but in this case it's recommended to use another override (WithAuthority(AzureCloudInstance, Guid, Boolean) and WithAuthority(AzureCloudInstance, AadAuthorityAudience, Boolean)

Applies to