ITokenAcquisition Interface
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Interface for the token acquisition service (encapsulating MSAL.NET).
public interface ITokenAcquisition
type ITokenAcquisition = interface
Public Interface ITokenAcquisition
- Derived
Methods
GetAccessTokenForAppAsync(String, String, String, TokenAcquisitionOptions) |
Acquires a token from the authority configured in the app, for the confidential client itself (not on behalf of a user) using the client credentials flow. See https://aka.ms/msal-net-client-credentials. |
GetAccessTokenForAppAsync(String, String, TokenAcquisitionOptions) |
Acquires a token from the authority configured in the app, for the confidential client itself (not on behalf of a user) using the client credentials flow. See https://aka.ms/msal-net-client-credentials. |
GetAccessTokenForUserAsync(IEnumerable<String>, String, String, ClaimsPrincipal, TokenAcquisitionOptions) |
Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the User member of the controller's HttpContext parameter. |
GetAccessTokenForUserAsync(IEnumerable<String>, String, String, String, ClaimsPrincipal, TokenAcquisitionOptions) |
Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the current user |
GetAuthenticationResultForAppAsync(String, String, String, TokenAcquisitionOptions) |
Acquires an authentication result from the authority configured in the app, for the confidential client itself (not on behalf of a user) using the client credentials flow. See https://aka.ms/msal-net-client-credentials. |
GetAuthenticationResultForAppAsync(String, String, TokenAcquisitionOptions) |
Acquires an authentication result from the authority configured in the app, for the confidential client itself (not on behalf of a user) using the client credentials flow. See https://aka.ms/msal-net-client-credentials. |
GetAuthenticationResultForUserAsync(IEnumerable<String>, String, String, ClaimsPrincipal, TokenAcquisitionOptions) |
Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the current user |
GetAuthenticationResultForUserAsync(IEnumerable<String>, String, String, String, ClaimsPrincipal, TokenAcquisitionOptions) |
Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the current user |
GetEffectiveAuthenticationScheme(String) |
Get the effective authentication scheme based on the context. |
ReplyForbiddenWithWwwAuthenticateHeader(IEnumerable<String>, MsalUiRequiredException, HttpResponse) |
Used in web APIs (which therefore cannot have an interaction with the user). Replies to the client through the HttpResponse by sending a 403 (forbidden) and populating wwwAuthenticateHeaders so that the client can trigger an interaction with the user so the user can consent to more scopes. |
ReplyForbiddenWithWwwAuthenticateHeader(IEnumerable<String>, MsalUiRequiredException, String, HttpResponse) |
Used in web APIs (which therefore cannot have an interaction with the user). Replies to the client through the HttpResponse by sending a 403 (forbidden) and populating wwwAuthenticateHeaders so that the client can trigger an interaction with the user so the user can consent to more scopes. |
ReplyForbiddenWithWwwAuthenticateHeaderAsync(IEnumerable<String>, MsalUiRequiredException, HttpResponse) |
Used in web APIs (which therefore cannot have an interaction with the user). Replies to the client through the HttpResponse by sending a 403 (forbidden) and populating wwwAuthenticateHeaders so that the client can trigger an interaction with the user so the user can consent to more scopes. |