Microsoft.Identity.Web Namespace
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Classes
| AadIssuerValidatorOptions |
Options passed-in to create the AadIssuerValidator object. |
| AccountExtensions |
Extension methods for IAccount. |
| ApiControllerExtensions |
Extension methods to retrieve a Graph service client, or interfaces used to call downstream web APIs. |
| AppBuilderExtension |
Extension methods on an ASP.NET application to add a web app or web API. |
| ApplicationBuilderExtensions |
Extension class on IApplicationBuilder to initialize the service provider of the TokenAcquirerFactory in ASP.NET Core. |
| AppServicesAuthenticationBuilderExtensions |
Extension methods related to App Services authentication (Easy Auth). |
| AppServicesAuthenticationDefaults |
Default values related to AppServiceAuthentication handler. |
| AppServicesAuthenticationHandler |
App service authentication handler. |
| AppServicesAuthenticationInformation |
Information about the App Services configuration on the host. |
| AppServicesAuthenticationOptions |
Options for Azure App Services authentication. |
| AppServicesAuthenticationTokenAcquisition |
Implementation of ITokenAcquisition for App Services authentication (EasyAuth). |
| AuthorizeForScopesAttribute |
Filter used on a controller action to trigger incremental consent. |
| AzureFunctionsAuthenticationHttpContextExtension |
Extensions for AzureFunctionsAuthenticationHttpContextExtension. |
| AzureIdentityForKubernetesClientAssertion |
Gets a signed assertion from Azure workload identity for kubernetes when an app is running in a container in Azure Kubernetes Services. See https://aka.ms/ms-id-web/certificateless and https://learn.microsoft.com/azure/aks/workload-identity-overview |
| BaseRequestExtensions |
Extension methods for Graph requests |
| CertificateDescription |
Description of a certificate. |
| CertificatelessOptions |
Options for configuring CertificatelessOptions. See https://aka.ms/ms-id-web/certificateless. |
| ClaimConstants |
Constants for claim types. |
| ClaimsPrincipalExtensions |
Extensions for ClaimsPrincipal. |
| ClaimsPrincipalFactory |
Factory class to create ClaimsPrincipal objects. |
| ClientAssertion |
Client assertion. |
| ClientAssertionProviderBase |
Description of a client assertion in the application configuration. See https://aka.ms/ms-id-web/client-assertions. |
| Constants |
General constants for Microsoft Identity Web. |
| ControllerBaseExtensions |
Extension methods to retrieve a Graph service client and interfaces used to call a downstream web API. |
| CookiePolicyOptionsExtensions |
Extension class containing cookie policies (work around for same site). |
| DefaultCertificateLoader |
Certificate Loader. Only use when loading a certificate from a daemon application, or an ASP NET app, using MSAL .NET directly. For an ASP NET Core app, Microsoft Identity Web will handle the certificate loading for you. |
| DefaultCredentialsLoader |
Default credentials loader. |
| DownstreamRestApiExtensions |
Extension methods to support downstream REST API services. |
| DownstreamWebApi |
Implementation for the downstream web API. |
| DownstreamWebApiExtensions |
Extension methods to support downstream web API services. |
| DownstreamWebApiGenericExtensions |
Extensions for the downstream web API. |
| DownstreamWebApiOptions |
Options passed-in to call downstream web APIs. To call Microsoft Graph, see rather
|
| GraphServiceCollectionExtensions |
Extensions methods on a MicrosoftIdentityAppCallingWebApiAuthenticationBuilder builder to add support to call Microsoft Graph. |
| ManagedIdentityClientAssertion | |
| MicrosoftGraphExtensions |
Extensions methods on a MicrosoftIdentityAppCallingWebApiAuthenticationBuilder builder to add support to call Microsoft Graph. |
| MicrosoftGraphOptions |
Options passed-in to call Microsoft Graph. |
| MicrosoftIdentityAppAuthenticationMessageHandler |
A DelegatingHandler implementation that add an authorization header with a token for the application. |
| MicrosoftIdentityAppCallsWebApiAuthenticationBuilder |
Authentication builder returned by the EnableTokenAcquisitionToCallDownstreamApi methods enabling you to decide token cache implementations. |
| MicrosoftIdentityAppCallsWebApiAuthenticationBuilderExtension |
Authentication builder returned by the EnableTokenAcquisitionToCallDownstreamApi methods enabling you to use the session cache implementation. |
| MicrosoftIdentityAuthenticationBaseMessageHandler |
Base class for Microsoft Identity authentication message handlers. |
| MicrosoftIdentityAuthenticationBaseOptions |
Base options passed-in to authenticate with Microsoft Identity. |
| MicrosoftIdentityAuthenticationMessageHandlerHttpClientBuilderExtensions |
Extension for IHttpClientBuilder for startup initialization of Microsoft Identity authentication handlers. |
| MicrosoftIdentityAuthenticationMessageHandlerOptions |
Options passed-in to Microsoft Identity message handlers. |
| MicrosoftIdentityBaseAuthenticationBuilder |
Base class for web app and web API Microsoft Identity authentication builders. |
| MicrosoftIdentityBlazorServiceCollectionExtensions |
Extensions for IServerSideBlazorBuilder for startup initialization of web APIs. |
| MicrosoftIdentityConsentAndConditionalAccessHandler |
Handler for Blazor specific APIs to handle incremental consent and conditional access. |
| MicrosoftIdentityOptions |
Options for configuring authentication using Azure Active Directory. It has both AAD and B2C configuration attributes. |
| MicrosoftIdentityUserAuthenticationMessageHandler |
A DelegatingHandler implementation that add an authorization header with a token on behalf of the current user. |
| MicrosoftIdentityWebApiAuthenticationBuilder |
Authentication builder for a web API. |
| MicrosoftIdentityWebApiAuthenticationBuilderExtensions |
Extensions for AuthenticationBuilder for startup initialization of web APIs. |
| MicrosoftIdentityWebApiAuthenticationBuilderWithConfiguration |
Builder for web API authentication with configuration. |
| MicrosoftIdentityWebApiServiceCollectionExtensions |
Extension for IServiceCollection for startup initialization of web APIs. |
| MicrosoftIdentityWebAppAuthenticationBuilder |
Authentication builder specific for Microsoft identity platform. |
| MicrosoftIdentityWebAppAuthenticationBuilderExtensions |
Extensions for the AuthenticationBuilder for startup initialization. |
| MicrosoftIdentityWebAppAuthenticationBuilderWithConfiguration |
Builder for a Microsoft identity web app authentication where configuration is available for EnableTokenAcquisitionToCallDownstreamApi. |
| MicrosoftIdentityWebAppServiceCollectionExtensions |
Extension for IServiceCollection for startup initialization. |
| MicrosoftIdentityWebChallengeUserException |
Microsoft Identity Web specific exception class for use in Blazor or Razor pages to process the user challenge. Handles the MsalUiRequiredException. |
| PolicyBuilderExtensions |
Extensions for building the RequiredScope policy during application startup. |
| PrincipalExtensionsForSecurityTokens |
Extensions to retrieve a SecurityToken from ClaimsPrincipal. |
| RequiredScopeExtensions |
Extensions for building the required scope attribute during application startup. |
| RequiredScopeOrAppPermissionExtensions |
Extensions for building the required scope or app permission attribute during application startup. |
| ScopeAuthorizationRequirement |
Implements an IAuthorizationRequirement which requires at least one instance of the specified claim type, and, if allowed values are specified, the claim value must be any of the allowed values. |
| ScopeOrAppPermissionAuthorizationRequirement |
Implements an IAuthorizationRequirement which requires at least one instance of the specified claim type, and, if allowed values are specified, the claim value must be any of the allowed values. |
| ServiceCollectionExtensions |
Extensions for IServiceCollection for startup initialization of web APIs. |
| TokenAcquirerAppTokenCredential |
Azure SDK token credential for App tokens based on the ITokenAcquisition service. |
| TokenAcquirerFactory |
Factory of a token acquirer. |
| TokenAcquirerTokenCredential |
Azure SDK token credential based on the ITokenAcquisition service. |
| TokenAcquisitionAppTokenCredential |
Azure SDK token credential for App tokens based on the ITokenAcquisition service. |
| TokenAcquisitionOptions |
Options passed-in to create the token acquisition object which calls into MSAL .NET. |
| TokenAcquisitionTokenCredential |
Azure SDK token credential based on the ITokenAcquisition service. |
| TokenCacheExtensions |
Extension methods to expose a simplified developer experience for adding token caches to MSAL.NET confidential client applications in ASP.NET, or .NET Core, or .NET FW. |
Interfaces
| IAuthRequiredScopeMetadata |
This is the metadata that describes required auth scopes for a given endpoint in a web API. It's the underlying data structure the requirement ScopeAuthorizationRequirement will look for in order to validate scopes in the scope claims. |
| IAuthRequiredScopeOrAppPermissionMetadata |
This is the metadata that describes required auth scopes or app permissions for a given endpoint in a web API. It's the underlying data structure the requirement ScopeOrAppPermissionAuthorizationRequirement will look for in order to validate scopes in the scope claims or app permissions in the roles claim. |
| ICertificateLoader |
Interface to implement loading of a certificate. Only use when loading a certificate from a daemon application, or an ASP NET app, using MSAL .NET directly. For an ASP NET Core app, Microsoft Identity Web will handle the certificate loading for you. |
| IDownstreamWebApi |
Interface used to call a downstream web API, for instance from controllers. |
| ILoginErrorAccessor |
Provides access to get or set the current error status. The default implementation will use TempData and be enabled when run under Development. |
| IMicrosoftIdentityAuthenticationDelegatingHandlerFactory |
Interface to a class that provides the DelegatingHandler that adds an authorization header with a token for the application. |
| ITokenAcquisition |
Interface for the token acquisition service (encapsulating MSAL.NET). |
Enums
| CertificateSource |
Source for a certificate. |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for