WorkloadIdentityCredentialOptions interface
Options for the WorkloadIdentityCredential
- Extends
Properties
client |
The client ID of a Microsoft Entra app registration. |
tenant |
ID of the application's Microsoft Entra tenant. Also called its directory ID. |
token |
The path to a file containing a Kubernetes service account token that authenticates the identity. |
Inherited Properties
additionally |
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application is installed. |
additional |
Additional policies to include in the HTTP pipeline. |
allow |
Set to true if the request is sent over HTTP instead of HTTPS |
authority |
The authority host to use for authentication requests. Possible values are available through AzureAuthorityHosts. The default is "https://login.microsoftonline.com". |
disable |
The field determines whether instance discovery is performed when attempting to authenticate.
Setting this to |
http |
The HttpClient that will be used to send HTTP requests. |
logging |
Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support. |
proxy |
Options to configure a proxy for outgoing requests. |
redirect |
Options for how redirect responses are handled. |
retry |
Options that control how to retry failed requests. |
telemetry |
Options for setting common telemetry and tracing info to outgoing requests. |
tls |
Options for configuring TLS authentication |
user |
Options for adding user agent details to outgoing requests. |
Property Details
clientId
The client ID of a Microsoft Entra app registration.
clientId?: string
Property Value
string
tenantId
ID of the application's Microsoft Entra tenant. Also called its directory ID.
tenantId?: string
Property Value
string
tokenFilePath
The path to a file containing a Kubernetes service account token that authenticates the identity.
tokenFilePath?: string
Property Value
string
Inherited Property Details
additionallyAllowedTenants
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application is installed.
additionallyAllowedTenants?: string[]
Property Value
string[]
Inherited From MultiTenantTokenCredentialOptions.additionallyAllowedTenants
additionalPolicies
Additional policies to include in the HTTP pipeline.
additionalPolicies?: AdditionalPolicyConfig[]
Property Value
Inherited From MultiTenantTokenCredentialOptions.additionalPolicies
allowInsecureConnection
Set to true if the request is sent over HTTP instead of HTTPS
allowInsecureConnection?: boolean
Property Value
boolean
Inherited From MultiTenantTokenCredentialOptions.allowInsecureConnection
authorityHost
The authority host to use for authentication requests. Possible values are available through AzureAuthorityHosts. The default is "https://login.microsoftonline.com".
authorityHost?: string
Property Value
string
Inherited From MultiTenantTokenCredentialOptions.authorityHost
disableInstanceDiscovery
The field determines whether instance discovery is performed when attempting to authenticate.
Setting this to true
will completely disable both instance discovery and authority validation.
As a result, it's crucial to ensure that the configured authority host is valid and trustworthy.
This functionality is intended for use in scenarios where the metadata endpoint cannot be reached, such as in private clouds or Azure Stack.
The process of instance discovery entails retrieving authority metadata from https://login.microsoft.com/ to validate the authority.
disableInstanceDiscovery?: boolean
Property Value
boolean
Inherited From AuthorityValidationOptions.disableInstanceDiscovery
httpClient
The HttpClient that will be used to send HTTP requests.
httpClient?: HttpClient
Property Value
Inherited From MultiTenantTokenCredentialOptions.httpClient
loggingOptions
Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.
loggingOptions?: LogPolicyOptions & { allowLoggingAccountIdentifiers?: boolean, enableUnsafeSupportLogging?: boolean }
Property Value
LogPolicyOptions & { allowLoggingAccountIdentifiers?: boolean, enableUnsafeSupportLogging?: boolean }
Inherited From MultiTenantTokenCredentialOptions.loggingOptions
proxyOptions
Options to configure a proxy for outgoing requests.
proxyOptions?: ProxySettings
Property Value
Inherited From MultiTenantTokenCredentialOptions.proxyOptions
redirectOptions
Options for how redirect responses are handled.
redirectOptions?: RedirectPolicyOptions
Property Value
Inherited From MultiTenantTokenCredentialOptions.redirectOptions
retryOptions
Options that control how to retry failed requests.
retryOptions?: PipelineRetryOptions
Property Value
Inherited From MultiTenantTokenCredentialOptions.retryOptions
telemetryOptions
Options for setting common telemetry and tracing info to outgoing requests.
telemetryOptions?: TelemetryOptions
Property Value
Inherited From MultiTenantTokenCredentialOptions.telemetryOptions
tlsOptions
Options for configuring TLS authentication
tlsOptions?: TlsSettings
Property Value
Inherited From MultiTenantTokenCredentialOptions.tlsOptions
userAgentOptions
Options for adding user agent details to outgoing requests.
userAgentOptions?: UserAgentPolicyOptions
Property Value
Inherited From MultiTenantTokenCredentialOptions.userAgentOptions