ITokenAcquisition.GetAccessTokenForUserAsync Method

Definition

Overloads

GetAccessTokenForUserAsync(IEnumerable<String>, String, String, ClaimsPrincipal, TokenAcquisitionOptions)

Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the User member of the controller's HttpContext parameter.

GetAccessTokenForUserAsync(IEnumerable<String>, String, String, String, ClaimsPrincipal, TokenAcquisitionOptions)

Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the User member of the controller's HttpContext parameter.

GetAccessTokenForUserAsync(IEnumerable<String>, String, String, ClaimsPrincipal, TokenAcquisitionOptions)

Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the User member of the controller's HttpContext parameter.

public virtual System.Threading.Tasks.Task<string> GetAccessTokenForUserAsync (System.Collections.Generic.IEnumerable<string> scopes, string? tenantId = default, string? userFlow = default, System.Security.Claims.ClaimsPrincipal? user = default, Microsoft.Identity.Web.TokenAcquisitionOptions? tokenAcquisitionOptions = default);
abstract member GetAccessTokenForUserAsync : seq<string> * string * string * System.Security.Claims.ClaimsPrincipal * Microsoft.Identity.Web.TokenAcquisitionOptions -> System.Threading.Tasks.Task<string>
override this.GetAccessTokenForUserAsync : seq<string> * string * string * System.Security.Claims.ClaimsPrincipal * Microsoft.Identity.Web.TokenAcquisitionOptions -> System.Threading.Tasks.Task<string>
Public Overridable Function GetAccessTokenForUserAsync (scopes As IEnumerable(Of String), Optional tenantId As String = Nothing, Optional userFlow As String = Nothing, Optional user As ClaimsPrincipal = Nothing, Optional tokenAcquisitionOptions As TokenAcquisitionOptions = Nothing) As Task(Of String)

Parameters

scopes
IEnumerable<String>

Scopes to request for the downstream API to call.

tenantId
String

Enables to override the tenant/account for the same identity. This is useful in the cases where a given account is guest in other tenants, and you want to acquire tokens for a specific tenant.

userFlow
String

Azure AD B2C UserFlow to target.

user
ClaimsPrincipal

Optional claims principal representing the user. If not provided, will use the signed-in user (in a web app), or the user for which the token was received (in a web API) cases where a given account is guest in other tenants, and you want to acquire tokens for a specific tenant, like where the user is a guest in.

tokenAcquisitionOptions
TokenAcquisitionOptions

Options passed-in to create the token acquisition object which calls into MSAL .NET.

Returns

Task<String>

An access token to call on behalf of the user, the downstream API characterized by its scopes.

Applies to

GetAccessTokenForUserAsync(IEnumerable<String>, String, String, String, ClaimsPrincipal, TokenAcquisitionOptions)

Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the User member of the controller's HttpContext parameter.

public System.Threading.Tasks.Task<string> GetAccessTokenForUserAsync (System.Collections.Generic.IEnumerable<string> scopes, string? authenticationScheme, string? tenantId = default, string? userFlow = default, System.Security.Claims.ClaimsPrincipal? user = default, Microsoft.Identity.Web.TokenAcquisitionOptions? tokenAcquisitionOptions = default);
abstract member GetAccessTokenForUserAsync : seq<string> * string * string * string * System.Security.Claims.ClaimsPrincipal * Microsoft.Identity.Web.TokenAcquisitionOptions -> System.Threading.Tasks.Task<string>
Public Function GetAccessTokenForUserAsync (scopes As IEnumerable(Of String), authenticationScheme As String, Optional tenantId As String = Nothing, Optional userFlow As String = Nothing, Optional user As ClaimsPrincipal = Nothing, Optional tokenAcquisitionOptions As TokenAcquisitionOptions = Nothing) As Task(Of String)

Parameters

scopes
IEnumerable<String>

Scopes to request for the downstream API to call.

authenticationScheme
String

Authentication scheme. If null, will use OpenIdConnectDefault.AuthenticationScheme if called from a web app, and JwtBearerDefault.AuthenticationScheme if called from a web API.

tenantId
String

Enables to override the tenant/account for the same identity. This is useful in the cases where a given account is guest in other tenants, and you want to acquire tokens for a specific tenant.

userFlow
String

Azure AD B2C UserFlow to target.

user
ClaimsPrincipal

Optional claims principal representing the user. If not provided, will use the signed-in user (in a web app), or the user for which the token was received (in a web API) cases where a given account is guest in other tenants, and you want to acquire tokens for a specific tenant, like where the user is a guest in.

tokenAcquisitionOptions
TokenAcquisitionOptions

Options passed-in to create the token acquisition object which calls into MSAL .NET.

Returns

Task<String>

An access token to call on behalf of the user, the downstream API characterized by its scopes.

Applies to