Microsoft.Identity.Abstractions Namespace

Reference

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Classes

AcquireTokenOptions	Options directing the token acquisition. These options are provided to the ITokenAcquirer methods, or part of the AuthorizationHeaderProviderOptions, or DownstreamApiOptions.
AcquireTokenResult	Result of a token acquisition.
AuthorizationHeaderProviderOptions	Options passed-in to call downstream web APIs. To call Microsoft Graph, see rather `MicrosoftGraphOptions` in the `Microsoft.Identity.Web.MicrosoftGraph` assembly.
CredentialDescription	Description of a credential. Credentials are used to prove the identity of the application (See ClientCredentials), or to decrypt tokens (See TokenDecryptionCredentials). Credentials can be secrets (client secrets), certificates, or signed assertions. They can be stored or provided in a variety of ways, and this class provides a way to describe them. The description is then used by Microsoft.Identity.Web to retrieve the credential. (See the DefaultCredentialProvider class)
CredentialSourceLoaderParameters	Parameters that credential loaders, like signed assertion providers, can use to load credentials. You won't use this class directly unless you are writing a custom credential loader.
DownstreamApiOptions	Options passed-in to call downstream web APIs.
DownstreamApiOptionsReadOnlyHttpMethod	Specialization of DownstreamApiOptions where the HttpMethod is not settable beyond it's construction.
IdentityApplicationOptions	Options for configuring authentication in a web app, web API or daemon app. This class contains configuration properties for any OAuth 2.0 identity provider. For Azure AD specific options see the derived class: MicrosoftIdentityApplicationOptions. This class and its derived class are usually used as options, that are deserialized from a configuration file like appsettings.json
ManagedIdentityOptions	Data object to hold the definition of a managed identity for an application to use for authentication. If UserAssignedClientId is null, the application will use the system-assigned managed identity. If UserAssignedClientId is set, the application will try to use the user-assigned managed identity associated with the provided ClientID. See https://aka.ms/Entra/ManagedIdentityOverview for more details.
MicrosoftIdentityApplicationOptions	Options for configuring authentication for a web app, web API, or daemon application, using Azure Active Directory. It has both AAD and B2C configuration attributes.

Interfaces

IAuthorizationHeaderProvider	Creates the value of an authorization header that the caller can use to call a protected web API.
ICredentialsLoader	Contract for credential loaders, implemented by classes like the DefaultCertificateLoader or the DefaultCredentialLoader in Microsoft.Identity.Web. Credential loaders are used to load credentials from a CredentialDescription, the result is then in the CachedValue property. Credential loaders constitute an extensibility point. They delegate to credential source loaders, which are specified in the CredentialSourceLoaders collection, choosing the one which CredentialSource matches the credential source of the credential description to load.
ICredentialSourceLoader	Contract to implement to load credentials, for instance certificates.
IDownstreamApi	Interface used to call a downstream API, for instance from controllers.
ITokenAcquirer	Interface for the token acquisition service (for instance encapsulating MSAL.NET).
ITokenAcquirerFactory	Token acquirer factory.

Enums

CredentialSource	Source for a credential. Credentials are used to prove the identity of the application (See ClientCredentials), or to decrypt tokens (See TokenDecryptionCredentials). Credentials can be secrets (client secrets), certificates, or signed assertions. They can be stored or provided in a variety of ways, and this enumeration describes these ways. It's used in the SourceType property.
CredentialType	Credential type. This is used to specify the type of credential that is being loaded. This value is provided in the see CredentialType based on the type of credential (which depends on the type of CredentialSource value of the SourceType).