IMultipleAccountPublicClientApplication Interface

Reference

Package:: com.microsoft.identity.client

public interface IMultipleAccountPublicClientApplication extends IPublicClientApplication

An interface that contains list of operations that are available when MSAL is in 'multiple account' mode.

This mode allows an application to make API calls with more than one accounts.
The application will only be able to retrieve/remove accounts that have been used to acquire token interactively in this application
API calls' scope is limited to 'the calling app'. (i.e. removeAccount() will not remove credentials of the same account in other apps).

This is MSAL's default mode.

Method Summary

Modifier and Type	Method and Description
void	acquireToken(@NonNull final Activity activity, @NonNull final String[] scopes, @Nullable final String loginHint, @NonNull final AuthenticationCallback callback) Acquire token interactively, will pop-up webUI. Interactive flow will skip the cache lookup.
IAuthenticationResult	acquireTokenSilent(@NonNull final String[] scopes, @NonNull final IAccount account, @NonNull final String authority) Perform acquire token silent call. If there is a valid access token in the cache, the sdk will return the access token; If no valid access token exists, the sdk will try to find a refresh token and use the refresh token to get a new access token. If refresh token does not exist or it fails the refresh, exception will be sent back via callback.
void	acquireTokenSilentAsync(@NonNull final String[] scopes, @NonNull final IAccount account, @NonNull final String authority, @NonNull final SilentAuthenticationCallback callback) Perform acquire token silent call. If there is a valid access token in the cache, the sdk will return the access token; If no valid access token exists, the sdk will try to find a refresh token and use the refresh token to get a new access token. If refresh token does not exist or it fails the refresh, exception will be sent back via callback.
IAccount	getAccount(@NonNull final String identifier) Retrieve the IAccount object matching the identifier. The identifier could be homeAccountIdentifier, localAccountIdentifier or username.
void	getAccount(@NonNull final String identifier, @NonNull final GetAccountCallback callback) Retrieve the IAccount object matching the identifier. The identifier could be homeAccountIdentifier, localAccountIdentifier or username.
List<IAccount>	getAccounts() Returns a List of IAccount objects for which this application has RefreshTokens.
void	getAccounts(@NonNull final LoadAccountsCallback callback) Asynchronously returns a List of IAccount objects for which this application has RefreshTokens.
boolean	removeAccount(@Nullable final IAccount account) Removes the Account and Credentials (tokens) for the supplied IAccount.
void	removeAccount(@Nullable final IAccount account, @NonNull final RemoveAccountCallback callback) Removes the Account and Credentials (tokens) for the supplied IAccount.

Inherited Members

Method Details

acquireToken

public void acquireToken(@NonNull final Activity activity, @NonNull final String[] scopes, @Nullable final String loginHint, @NonNull final AuthenticationCallback callback)

Acquire token interactively, will pop-up webUI. Interactive flow will skip the cache lookup.

Parameters:

activity - Non-null Activity that will be used as the parent activity for launching the com.microsoft.identity.common.internal.providers.oauth2.AuthorizationActivity.

scopes - The non-null array of scopes to be requested for the access token. MSAL always sends the scopes 'openid profile offline_access'. Do not include any of these scopes in the scope parameter.

loginHint - Optional. If provided, will be used as the query parameter sent for authenticating the user, which will have the UPN pre-populated.

callback - The Non-null AuthenticationCallback to receive the result back. 1) If user cancels the flow by pressing the device back button, the result will be sent back via onCancel(). 2) If the sdk successfully receives the token back, result will be sent back via onSuccess(final IAuthenticationResult authenticationResult) 3) All the other errors will be sent back via onError(final MsalException exception).

acquireTokenSilent

public IAuthenticationResult acquireTokenSilent(@NonNull final String[] scopes, @NonNull final IAccount account, @NonNull final String authority)

Perform acquire token silent call. If there is a valid access token in the cache, the sdk will return the access token; If no valid access token exists, the sdk will try to find a refresh token and use the refresh token to get a new access token. If refresh token does not exist or it fails the refresh, exception will be sent back via callback.

Parameters:

scopes - The non-null array of scopes to be requested for the access token. MSAL always sends the scopes 'openid profile offline_access'. Do not include any of these scopes in the scope parameter.

account -

IAccount represents the account to silently request tokens for.

authority - Authority to issue the token.

acquireTokenSilentAsync

public void acquireTokenSilentAsync(@NonNull final String[] scopes, @NonNull final IAccount account, @NonNull final String authority, @NonNull final SilentAuthenticationCallback callback)

Parameters:

scopes - The non-null array of scopes to be requested for the access token. MSAL always sends the scopes 'openid profile offline_access'. Do not include any of these scopes in the scope parameter.

account -

IAccount represents the account to silently request tokens for.

authority - Authority to issue the token.

callback -

SilentAuthenticationCallback that is used to send the result back. The success result will be sent back via onSuccess(final IAuthenticationResult authenticationResult). Failure case will be sent back via { onError(final MsalException exception)

getAccount

public IAccount getAccount(@NonNull final String identifier)

Retrieve the IAccount object matching the identifier. The identifier could be homeAccountIdentifier, localAccountIdentifier or username.

Parameters:

identifier - String of the identifier

getAccount

public void getAccount(@NonNull final String identifier, @NonNull final GetAccountCallback callback)

Retrieve the IAccount object matching the identifier. The identifier could be homeAccountIdentifier, localAccountIdentifier or username.

Parameters:

identifier - String of the identifier

callback - The callback to notify once this action has finished.

getAccounts

public List getAccounts()

Returns a List of IAccount objects for which this application has RefreshTokens.

getAccounts

public void getAccounts(@NonNull final LoadAccountsCallback callback)

Asynchronously returns a List of IAccount objects for which this application has RefreshTokens.

Parameters:

callback - The callback to notify once this action has finished.

removeAccount

public boolean removeAccount(@Nullable final IAccount account)

Removes the Account and Credentials (tokens) for the supplied IAccount.

Parameters:

account - The IAccount whose entry and associated tokens should be removed.

Returns:

True, if the account was removed. False otherwise.

removeAccount

public void removeAccount(@Nullable final IAccount account, @NonNull final RemoveAccountCallback callback)

Removes the Account and Credentials (tokens) for the supplied IAccount.

Parameters:

account - The IAccount whose entry and associated tokens should be removed.

callback

IMultipleAccountPublicClientApplication Interface

Method Summary

Inherited Members

Method Details

acquireToken

acquireTokenSilent

acquireTokenSilentAsync

getAccount

getAccount

getAccounts

getAccounts

removeAccount

removeAccount

Applies to

Feedback

Additional resources