Microsoft.IdentityModel.Tokens Namespace
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Classes
| AsymmetricSecurityKey |
Base class for a Security Key that contains Asymmetric key material. |
| AsymmetricSignatureProvider |
Provides signature and verification operations for Asymmetric Algorithms using a SecurityKey. |
| AuthenticatedEncryptionProvider |
Provides authenticated encryption and decryption services. |
| AuthenticatedEncryptionResult |
Contains the results of Encrypt(Byte[], Byte[]) operation. |
| Base64UrlEncoder |
Encodes and Decodes strings as Base64Url encoding. |
| BaseConfiguration |
Represents a generic metadata configuration which is applicable for both XML and JSON based configurations. |
| BaseConfigurationManager |
Represents a generic configuration manager. |
| CallContext |
An opaque context used to store work when working with authentication artifacts. |
| CollectionUtilities |
A class which contains useful methods for processing collections. |
| CompressionAlgorithms |
Constants for compression algorithms. |
| CompressionProviderFactory |
Compression provider factory for compression and decompression. |
| CryptoProviderCache |
Definition of cache for crypto providers |
| CryptoProviderCacheOptions |
Specifies the CryptoProviderCacheOptions which can be used to configure the internal cryptoprovider cache. We are using our own simple LRU caching implementation across all targets. See Microsoft.IdentityModel.Tokens.EventBasedLRUCache`2 for more details. |
| CryptoProviderFactory |
Creates cryptographic operators by specifying a SecurityKey's and algorithms. |
| DateTimeUtil |
Helper class for adding DateTimes and Timespans. |
| DeflateCompressionProvider |
A compression provider that supports compression and decompression using the Deflate algorithm. |
| EcdhKeyExchangeProvider |
Provides a Security Key that can be used as Content Encryption Key (CEK) for use with a JWE |
| ECDsaSecurityKey |
Represents a ECDsa security key. |
| EncryptingCredentials |
A class for properties that are used for token encryption. |
| EpochTime |
Returns the absolute DateTime or the Seconds since Unix Epoch, where Epoch is UTC 1970-01-01T0:0:0Z. |
| InMemoryCryptoProviderCache |
Defines a cache for crypto providers. Current support is limited to SignatureProvider only. |
| JsonWebAlgorithmsKeyTypes |
Constants for JsonWebAlgorithms "kty" Key Type (sec 6.1) https://datatracker.ietf.org/doc/html/rfc7518#section-6.1 |
| JsonWebKey |
Represents a JSON Web Key as defined in https://datatracker.ietf.org/doc/html/rfc7517. |
| JsonWebKeyConverter |
Converts a SecurityKey into a JsonWebKey Supports: converting to a JsonWebKey from one of: RsaSecurityKey, X509SecurityKey, and SymmetricSecurityKey. |
| JsonWebKeyECTypes |
Constants for JsonWebKey Elliptical Curve Types https://datatracker.ietf.org/doc/html/rfc7518#section-6.2.1.1 |
| JsonWebKeyParameterNames |
JsonWebKey parameter names see: https://datatracker.ietf.org/doc/html/rfc7517 |
| JsonWebKeySet |
Contains a collection of JsonWebKey that can be populated from a json string. |
| JsonWebKeySetParameterNames |
Names for Json Web Key Set Values |
| JsonWebKeyUseNames |
Constants for JsonWebKeyUse (sec 4.2) https://datatracker.ietf.org/doc/html/rfc7517#section-4.2 |
| KeyWrapProvider |
Provides Wrap key and Unwrap key services. |
| RsaKeyWrapProvider |
Provides RSA Wrap key and Unwrap key services. |
| RsaSecurityKey |
Represents a Rsa security key. |
| SecurityAlgorithms |
Constants for Security Algorithm. |
| SecurityKey |
Base class for Security Key. |
| SecurityKeyIdentifierClause |
Contains information about the keys inside the tokens. |
| SecurityToken |
Base class for security token. |
| SecurityTokenArgumentException |
Throw this exception when a received SecurityToken has invalid arguments. |
| SecurityTokenCompressionFailedException |
Thrown when JWE compression fails. |
| SecurityTokenDecompressionFailedException |
Thrown when JWE decompression fails. |
| SecurityTokenDecryptionFailedException |
Represents a security token exception when decryption failed. |
| SecurityTokenDescriptor |
Contains some information which used to create a security token. |
| SecurityTokenEncryptionFailedException |
Represents a security token exception when encryption failed. |
| SecurityTokenEncryptionKeyNotFoundException |
This exception is thrown when a security token contained a key identifier but the key was not found by the runtime when decrypting a token. |
| SecurityTokenException |
Represents a security token exception. |
| SecurityTokenExpiredException |
Throw this exception when a received Security Token has expiration time in the past. |
| SecurityTokenHandler |
Defines the interface for a Security Token Handler. |
| SecurityTokenInvalidAlgorithmException |
This exception is thrown when a cryptographic algorithm is invalid. |
| SecurityTokenInvalidAudienceException |
This exception is thrown when 'audience' of a token was not valid. |
| SecurityTokenInvalidIssuerException |
This exception is thrown when 'issuer' of a token was not valid. |
| SecurityTokenInvalidLifetimeException |
This exception is thrown when 'lifetime' of a token was not valid. |
| SecurityTokenInvalidSignatureException |
This exception is thrown when 'signature' of a token was not valid. |
| SecurityTokenInvalidSigningKeyException |
Throw this exception when a received Security Token has an invalid issuer signing key. |
| SecurityTokenInvalidTypeException |
This exception is thrown when the token type ('typ' header claim) of a JWT token is invalid. |
| SecurityTokenKeyWrapException |
Represents a key wrap exception when encryption failed. |
| SecurityTokenMalformedException |
Represents a SecurityToken exception when the token is malformed. |
| SecurityTokenNoExpirationException |
This exception is thrown when a security is missing an ExpirationTime. |
| SecurityTokenNotYetValidException |
Throw this exception when a received Security token has an effective time in the future. |
| SecurityTokenReplayAddFailedException |
This exception is thrown when an add to the TokenReplayCache fails. |
| SecurityTokenReplayDetectedException |
Throw this exception when a received Security Token has been replayed. |
| SecurityTokenSignatureKeyNotFoundException |
This exception is thrown when a security token contained a key identifier but the key was not found by the runtime. |
| SecurityTokenUnableToValidateException |
This exception is thrown when a security token contained a key identifier but the key was not found by the runtime and when validation errors exist over the security token. This exception is not intended to be used as a signal to refresh keys. |
| SecurityTokenValidationException |
Represents a security token validation exception. |
| SignatureProvider |
Provides signature services, signing and verifying. |
| SigningCredentials |
Defines the SecurityKey, algorithm and digest for digital signatures. |
| SymmetricKeyWrapProvider |
Provides Wrap key and Unwrap key services. |
| SymmetricSecurityKey |
Represents a symmetric security key. |
| SymmetricSignatureProvider |
Provides signing and verifying operations using a SymmetricSecurityKey and specifying an algorithm. |
| TokenContext |
An opaque context used to store work when working with authentication artifacts. |
| TokenHandler |
Defines properties shared across all security token handlers. |
| TokenValidationParameters |
Contains a set of parameters that are used by a SecurityTokenHandler when validating a SecurityToken. |
| TokenValidationResult |
Contains artifacts obtained when a SecurityToken is validated. A SecurityTokenHandler returns an instance that captures the results of validating a token. |
| UniqueId |
Generates unique IDs. |
| Utility |
Contains some utility methods. |
| Validators |
AudienceValidator |
| X509EncryptingCredentials |
An X509EncryptingCredentials designed to construct EncryptingCredentials based on a x509 certificate. |
| X509SecurityKey |
An AsymmetricSecurityKey that is backed by a X509Certificate2 |
| X509SigningCredentials |
Defines the X509Certificate2, algorithm and digest for digital signatures. |
Interfaces
| ICompressionProvider |
Compression provider interface. |
| ICryptoProvider |
Provides extensibility for cryptographic operators. If custom operators are needed for then CustomCryptoProvider can be set to return these operators. CustomCryptoProvider will be before each creation. |
| ISecurityTokenValidator |
ISecurityTokenValidator |
| ITokenReplayCache |
Interface that defines a simple cache for tacking replaying of security tokens. |
Enums
| PrivateKeyStatus |
Enum for the existence of private key |
| ValidationFailure |
The reason for being unable to validate |
Delegates
| AlgorithmValidator |
Definition for AlgorithmValidator |
| AudienceValidator |
Definition for AudienceValidator. |
| IssuerSigningKeyResolver |
Definition for IssuerSigningKeyResolver. |
| IssuerSigningKeyResolverUsingConfiguration |
Definition for IssuerSigningKeyResolverUsingConfiguration. |
| IssuerSigningKeyValidator |
Definition for IssuerSigningKeyValidator. |
| IssuerSigningKeyValidatorUsingConfiguration |
Definition for IssuerSigningKeyValidatorUsingConfiguration. |
| IssuerValidator |
Definition for IssuerValidator. |
| IssuerValidatorUsingConfiguration |
Definition for IssuerValidatorUsingConfiguration. |
| LifetimeValidator |
Definition for LifetimeValidator. |
| SignatureValidator |
Definition for SignatureValidator. |
| SignatureValidatorUsingConfiguration |
Definition for SignatureValidator. |
| TokenDecryptionKeyResolver |
Definition for TokenDecryptionKeyResolver. |
| TokenReader |
Definition for TokenReader. |
| TokenReplayValidator |
Definition for TokenReplayValidator. |
| TransformBeforeSignatureValidation |
Definition for TransformBeforeSignatureValidation. |
| TypeValidator |
Definition for TypeValidator. |
Feedback
Submit and view feedback for