Share via

IConfidentialClientApplication.AcquireTokenForClient Method


Acquires a token from the authority configured in the app for the confidential client itself (not for a user) using the client credentials flow. See Client Credentials Flow. During this operation MSAL will first search in the cache for an unexpired token before acquiring a new one from Microsoft Entra ID.

public Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder AcquireTokenForClient (System.Collections.Generic.IEnumerable<string> scopes);
abstract member AcquireTokenForClient : seq<string> -> Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder
Public Function AcquireTokenForClient (scopes As IEnumerable(Of String)) As AcquireTokenForClientParameterBuilder



Scopes requested to access a protected API. For this flow (client credentials), the scopes should be in the form of "{ResourceIdUri/.default}" for instance or, for Microsoft Graph, as the requested scopes are defined statically in the application registration in the portal, and cannot be overridden in the application.


A builder enabling you to add optional parameters before executing the token request.


You can also chain the following optional parameters: WithForceRefresh(Boolean)WithExtraQueryParameters(Dictionary<String,String>)

Applies to