ClientCertificateCredentialOptions interface
Optional parameters for the ClientCertificateCredential class.
- Extends
send |
Option to include x5c header for SubjectName and Issuer name authorization. Set this option to send base64 encoded public certificate in the client assertion header as an x5c claim |
additionally |
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application is installed. |
additional |
Additional policies to include in the HTTP pipeline. |
allow |
Set to true if the request is sent over HTTP instead of HTTPS |
authority |
The authority host to use for authentication requests. Possible values are available through AzureAuthorityHosts. The default is "https://login.microsoftonline.com". |
disable |
The field determines whether instance discovery is performed when attempting to authenticate.
Setting this to |
http |
The HttpClient that will be used to send HTTP requests. |
logging |
Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support. |
proxy |
Options to configure a proxy for outgoing requests. |
redirect |
Options for how redirect responses are handled. |
retry |
Options that control how to retry failed requests. |
telemetry |
Options for setting common telemetry and tracing info to outgoing requests. |
tls |
Options for configuring TLS authentication |
token |
Options to provide to the persistence layer (if one is available) when storing credentials. You must first register a persistence provider plugin. See the
Example:
|
user |
Options for adding user agent details to outgoing requests. |
Option to include x5c header for SubjectName and Issuer name authorization. Set this option to send base64 encoded public certificate in the client assertion header as an x5c claim
sendCertificateChain?: boolean
Property Value
boolean
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application is installed.
additionallyAllowedTenants?: string[]
Property Value
string[]
Inherited From MultiTenantTokenCredentialOptions.additionallyAllowedTenants
Additional policies to include in the HTTP pipeline.
additionalPolicies?: AdditionalPolicyConfig[]
Property Value
Inherited From MultiTenantTokenCredentialOptions.additionalPolicies
Set to true if the request is sent over HTTP instead of HTTPS
allowInsecureConnection?: boolean
Property Value
boolean
Inherited From MultiTenantTokenCredentialOptions.allowInsecureConnection
The authority host to use for authentication requests. Possible values are available through AzureAuthorityHosts. The default is "https://login.microsoftonline.com".
authorityHost?: string
Property Value
string
Inherited From MultiTenantTokenCredentialOptions.authorityHost
The field determines whether instance discovery is performed when attempting to authenticate.
Setting this to true
will completely disable both instance discovery and authority validation.
As a result, it's crucial to ensure that the configured authority host is valid and trustworthy.
This functionality is intended for use in scenarios where the metadata endpoint cannot be reached, such as in private clouds or Azure Stack.
The process of instance discovery entails retrieving authority metadata from https://login.microsoft.com/ to validate the authority.
disableInstanceDiscovery?: boolean
Property Value
boolean
Inherited From AuthorityValidationOptions.disableInstanceDiscovery
The HttpClient that will be used to send HTTP requests.
httpClient?: HttpClient
Property Value
Inherited From MultiTenantTokenCredentialOptions.httpClient
Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.
loggingOptions?: LogPolicyOptions & { allowLoggingAccountIdentifiers?: boolean, enableUnsafeSupportLogging?: boolean }
Property Value
LogPolicyOptions & { allowLoggingAccountIdentifiers?: boolean, enableUnsafeSupportLogging?: boolean }
Inherited From MultiTenantTokenCredentialOptions.loggingOptions
Options to configure a proxy for outgoing requests.
proxyOptions?: ProxySettings
Property Value
Inherited From MultiTenantTokenCredentialOptions.proxyOptions
Options for how redirect responses are handled.
redirectOptions?: RedirectPolicyOptions
Property Value
Inherited From MultiTenantTokenCredentialOptions.redirectOptions
Options that control how to retry failed requests.
retryOptions?: PipelineRetryOptions
Property Value
Inherited From MultiTenantTokenCredentialOptions.retryOptions
Options for setting common telemetry and tracing info to outgoing requests.
telemetryOptions?: TelemetryOptions
Property Value
Inherited From MultiTenantTokenCredentialOptions.telemetryOptions
Options for configuring TLS authentication
tlsOptions?: TlsSettings
Property Value
Inherited From MultiTenantTokenCredentialOptions.tlsOptions
Options to provide to the persistence layer (if one is available) when storing credentials.
You must first register a persistence provider plugin. See the
@azure/identity-cache-persistence
package on NPM.
Example:
import { useIdentityPlugin, DeviceCodeCredential } from "@azure/identity";
useIdentityPlugin(cachePersistencePlugin);
const credential = new DeviceCodeCredential({
tokenCachePersistenceOptions: {
enabled: true,
},
});
tokenCachePersistenceOptions?: TokenCachePersistenceOptions
Property Value
Inherited From CredentialPersistenceOptions.tokenCachePersistenceOptions
Options for adding user agent details to outgoing requests.
userAgentOptions?: UserAgentPolicyOptions
Property Value
Inherited From MultiTenantTokenCredentialOptions.userAgentOptions