Share via


ConfidentialClientApplicationBuilder.WithCertificate Method

Definition

Overloads

WithCertificate(X509Certificate2)

Sets the certificate associated with the application.

WithCertificate(X509Certificate2, Boolean)

Sets the certificate associated with the application. Applicable to first-party applications only, this method also allows to specify if the x5c claim should be sent to Azure AD. Sending the x5c enables application developers to achieve easy certificate roll-over in Azure AD: this method will send the certificate chain to Azure AD along with the token request, so that Azure AD can use it to validate the subject name based on a trusted issuer policy. This saves the application admin from the need to explicitly manage the certificate rollover (either via portal or PowerShell/CLI operation). For details see https://aka.ms/msal-net-sni

WithCertificate(X509Certificate2)

Sets the certificate associated with the application.

public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithCertificate (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate);
member this.WithCertificate : System.Security.Cryptography.X509Certificates.X509Certificate2 -> Microsoft.Identity.Client.ConfidentialClientApplicationBuilder
Public Function WithCertificate (certificate As X509Certificate2) As ConfidentialClientApplicationBuilder

Parameters

certificate
X509Certificate2

The X509 certificate used as credentials to prove the identity of the application to Azure AD.

Returns

Remarks

You should use certificates with a private key size of at least 2048 bytes. Future versions of this library might reject certificates with smaller keys. Does not send the certificate (as x5c parameter) with the request by default.

Applies to

WithCertificate(X509Certificate2, Boolean)

Sets the certificate associated with the application. Applicable to first-party applications only, this method also allows to specify if the x5c claim should be sent to Azure AD. Sending the x5c enables application developers to achieve easy certificate roll-over in Azure AD: this method will send the certificate chain to Azure AD along with the token request, so that Azure AD can use it to validate the subject name based on a trusted issuer policy. This saves the application admin from the need to explicitly manage the certificate rollover (either via portal or PowerShell/CLI operation). For details see https://aka.ms/msal-net-sni

public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithCertificate (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, bool sendX5C);
member this.WithCertificate : System.Security.Cryptography.X509Certificates.X509Certificate2 * bool -> Microsoft.Identity.Client.ConfidentialClientApplicationBuilder
Public Function WithCertificate (certificate As X509Certificate2, sendX5C As Boolean) As ConfidentialClientApplicationBuilder

Parameters

certificate
X509Certificate2

The X509 certificate used as credentials to prove the identity of the application to Azure AD.

sendX5C
Boolean

To send X5C with every request or not. The default is false

Returns

Remarks

You should use certificates with a private key size of at least 2048 bytes. Future versions of this library might reject certificates with smaller keys.

Applies to