AcquireTokenSilentParameterBuilder.WithProofOfPossession Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Overloads
| WithProofOfPossession(PoPAuthenticationConfiguration) |
Modifies the token acquisition request so that the acquired token is a Proof-of-Possession token (PoP), rather than a Bearer token. PoP tokens are similar to Bearer tokens, but are bound to the HTTP request and to a cryptographic key, which MSAL can manage on Windows. See https://aka.ms/msal-net-pop |
| WithProofOfPossession(String, HttpMethod, Uri) |
Modifies the token acquisition request so that the acquired token is a Proof-of-Possession token (PoP), rather than a Bearer token. PoP tokens are similar to Bearer tokens, but are bound to the HTTP request and to a cryptographic key, which MSAL can manage on Windows. Note that only the host and path parts of the request URI will be bound. See https://aka.ms/msal-net-pop |
WithProofOfPossession(PoPAuthenticationConfiguration)
Modifies the token acquisition request so that the acquired token is a Proof-of-Possession token (PoP), rather than a Bearer token. PoP tokens are similar to Bearer tokens, but are bound to the HTTP request and to a cryptographic key, which MSAL can manage on Windows. See https://aka.ms/msal-net-pop
public Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder WithProofOfPossession (Microsoft.Identity.Client.AppConfig.PoPAuthenticationConfiguration popAuthenticationConfiguration);member this.WithProofOfPossession : Microsoft.Identity.Client.AppConfig.PoPAuthenticationConfiguration -> Microsoft.Identity.Client.AcquireTokenSilentParameterBuilderPublic Function WithProofOfPossession (popAuthenticationConfiguration As PoPAuthenticationConfiguration) As AcquireTokenSilentParameterBuilderParameters
- popAuthenticationConfiguration
- PoPAuthenticationConfiguration
Configuration properties used to construct a Proof-of-Possession request.
Returns
Remarks
- An Authentication header is automatically added to the request.
- The PoP token is bound to the HTTP request, more specifically to the HTTP method (GET, POST, etc.) and to the Uri (path and query, but not query parameters).
- MSAL creates, reads and stores a key in memory that will be cycled every 8 hours.
- This is an experimental API. The method signature may change in the future without involving a major version upgrade.
Applies to
WithProofOfPossession(String, HttpMethod, Uri)
Modifies the token acquisition request so that the acquired token is a Proof-of-Possession token (PoP), rather than a Bearer token. PoP tokens are similar to Bearer tokens, but are bound to the HTTP request and to a cryptographic key, which MSAL can manage on Windows. Note that only the host and path parts of the request URI will be bound. See https://aka.ms/msal-net-pop
public Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder WithProofOfPossession (string nonce, System.Net.Http.HttpMethod httpMethod, Uri requestUri);member this.WithProofOfPossession : string * System.Net.Http.HttpMethod * Uri -> Microsoft.Identity.Client.AcquireTokenSilentParameterBuilderPublic Function WithProofOfPossession (nonce As String, httpMethod As HttpMethod, requestUri As Uri) As AcquireTokenSilentParameterBuilderParameters
- nonce
- String
Nonce of the protected resource (RP) which will be published as part of the WWWAuthenticate header associated with a 401 HTTP response or as part of the AuthorityInfo header associated with 200 response. Set it here to make it part of the Signed HTTP Request part of the POP token.
- httpMethod
- HttpMethod
The HTTP method ("GET", "POST" etc.) method that will be bound to the token. If set to null, the PoP token will not be bound to the method. Corresponds to the "m" part of the a signed HTTP request.
- requestUri
- Uri
The URI to bind the signed HTTP request to.
Returns
The builder.
Remarks
- An Authentication header is automatically added to the request.
- The PoP token is bound to the HTTP request, more specifically to the HTTP method (GET, POST, etc.) and to the Uri (path and query, but not query parameters).
- MSAL creates, reads and stores a key in memory that will be cycled every 8 hours.
- On confidential clients, this is an experimental API. The method signature may change in the future without involving a major version upgrade.
- Broker is required to use Proof-of-Possession on public clients.