DownstreamApiOptions Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Options passed-in to call downstream web APIs.
public class DownstreamApiOptions : Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptionstype DownstreamApiOptions = class
inherit AuthorizationHeaderProviderOptionsPublic Class DownstreamApiOptions
Inherits AuthorizationHeaderProviderOptions- Inheritance
- Derived
Examples
Here is an example of a configuration of a downstream API that would retrieve the user profile (it's illustrated with Microsoft Graph as this is a well-known API, but of course to effectively call Microsoft graph, rather use Microsoft.Identity.Web.MicrosoftGraph)
"DownstreamApis": [
"MyProfile": {
"BaseUrl": "https://graph.microsoft.com/v1.0",
"RelativePath": "/me/profile",
"Scopes": [ "user.read"]
}
]
The following describes a downstream web API called on behalf of the application itself (application token) and using the Pop protocol:
"DownstreamApis": [
"AllBooks": {
"BaseUrl": "https://mylibrary.com",
"RelativePath": "/books/all",
"RequestAppToken": true,
"ProtocolScheme": "Pop",
"Scopes": ["https://mylibrary.com/.default"]
}
]
Constructors
| DownstreamApiOptions() |
Default constructor. |
| DownstreamApiOptions(DownstreamApiOptions) |
Copy constructor. |
Properties
| AcceptHeader |
The HTTP Accept header is used to inform that server about the content type that the client is expecting in the response. |
| AcquireTokenOptions |
Options related to token acquisition. (Inherited from AuthorizationHeaderProviderOptions) |
| BaseUrl |
Base URL for the called downstream web API. For instance |
| ContentType |
Content type of the request body. |
| CustomizeHttpRequestMessage |
Provides an opportunity for the caller app to customize the HttpRequestMessage. For example, to customize the headers. This is called after the message was formed, including the Authorization header, and just before the message is sent. (Inherited from AuthorizationHeaderProviderOptions) |
| Deserializer |
Optional de-serializer. Will de-serialize the output from the web API (if any).
When not provided, the following is returned:
|
| HttpMethod |
HTTP method used to call this downstream web API (by default Get). (Inherited from AuthorizationHeaderProviderOptions) |
| ProtocolScheme |
Name of the protocol scheme used to create the authorization header. By default: "Bearer". (Inherited from AuthorizationHeaderProviderOptions) |
| RelativePath |
Path relative to the BaseUrl (for instance "me"). (Inherited from AuthorizationHeaderProviderOptions) |
| RequestAppToken |
Describes if the downstream API is called on behalf of the calling service itself
(App token) or on behalf of a user processed by the service (user token).
If |
| Scopes |
Scopes required to call the downstream web API. For instance "user.read mail.read". For Microsoft identity, in the case of application tokens (token requested by the app on behalf of itself), there should be only one scope, and it should end in "./default") |
| Serializer |
Optional serializer. Will serialize the input to the web API (if any). By default, when not provided:
|
Methods
| Clone() |
Clone the options (to be able to override them). |
| CloneInternal() |
Clone the options (to be able to override them). |
| GetApiUrl() |
Return the downstream web API URL. (Inherited from AuthorizationHeaderProviderOptions) |