ConfidentialClientApplicationBuilder.WithCertificate Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Overloads
WithCertificate(X509Certificate2) | Sets the certificate associated with the application.
WithCertificate(X509Certificate2, Boolean) | Sets the certificate associated with the application. Applicable to first-party applications only, this method also lets you specify whether the x5c claim should be sent to Azure AD. Sending the x5c claim enables easy certificate rollover in Azure AD: the method sends the certificate chain to Azure AD along with the token request, so that Azure AD can use it to validate the subject name based on a trusted issuer policy. This saves the application admin from having to manage the certificate rollover explicitly (via either the portal or a PowerShell/CLI operation). For details, see https://aka.ms/msal-net-sni
WithCertificate(X509Certificate2)
Sets the certificate associated with the application.
public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithCertificate (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate);
member this.WithCertificate : System.Security.Cryptography.X509Certificates.X509Certificate2 -> Microsoft.Identity.Client.ConfidentialClientApplicationBuilder
Public Function WithCertificate (certificate As X509Certificate2) As ConfidentialClientApplicationBuilder
Parameters
- certificate
- X509Certificate2
The X509 certificate used as credentials to prove the identity of the application to Azure AD.
Returns
Remarks
You should use certificates with a private key size of at least 2048 bytes. Future versions of this library might reject certificates with smaller keys. This overload does not send the certificate (as the x5c parameter) with the request by default.
Applies to
WithCertificate(X509Certificate2, Boolean)
Sets the certificate associated with the application. Applicable to first-party applications only, this method also lets you specify whether the x5c claim should be sent to Azure AD. Sending the x5c claim enables easy certificate rollover in Azure AD: the method sends the certificate chain to Azure AD along with the token request, so that Azure AD can use it to validate the subject name based on a trusted issuer policy. This saves the application admin from having to manage the certificate rollover explicitly (via either the portal or a PowerShell/CLI operation). For details, see https://aka.ms/msal-net-sni
public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithCertificate (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, bool sendX5C);
member this.WithCertificate : System.Security.Cryptography.X509Certificates.X509Certificate2 * bool -> Microsoft.Identity.Client.ConfidentialClientApplicationBuilder
Public Function WithCertificate (certificate As X509Certificate2, sendX5C As Boolean) As ConfidentialClientApplicationBuilder
Parameters
- certificate
- X509Certificate2
The X509 certificate used as credentials to prove the identity of the application to Azure AD.
- sendX5C
- Boolean
Whether to send X5C with every request. The default is false.
Returns
Remarks
You should use certificates with a private key size of at least 2048 bytes. Future versions of this library might reject certificates with smaller keys.
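The following added example (not part of the original reference page or of Microsoft's samples) loads a certificate from the current user's store, checks the private key, validity period and RSA key size before handing it to `WithCertificate`, and then requests an app-only token. The client ID, tenant ID, thumbprint and the Microsoft Graph scope are placeholder assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

static class CertificateClientExample
{
    // Placeholders (assumptions): substitute your own app registration values.
    const string ClientId = "<application-client-id>";
    const string TenantId = "<tenant-id>";
    const string Thumbprint = "<certificate-thumbprint>";
    const int MinRsaKeySize = 2048; // threshold from the Remarks; RSA.KeySize is reported in bits

    static X509Certificate2 LoadCertificate()
    {
        using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        var matches = store.Certificates.Find(X509FindType.FindByThumbprint, Thumbprint, validOnly: false);
        if (matches.Count == 0)
            throw new InvalidOperationException("Certificate not found in CurrentUser\\My.");
        var cert = matches[0];
        // MSAL signs the client assertion with the private key, so it must be present.
        if (!cert.HasPrivateKey)
            throw new InvalidOperationException("Certificate has no private key.");
        if (DateTime.Now < cert.NotBefore || DateTime.Now > cert.NotAfter)
            throw new InvalidOperationException("Certificate is outside its validity period.");
        using RSA rsa = cert.GetRSAPrivateKey(); // null for non-RSA keys
        if (rsa != null && rsa.KeySize < MinRsaKeySize)
            throw new InvalidOperationException($"RSA key is {rsa.KeySize} bits; expected at least {MinRsaKeySize}.");
        return cert;
    }

    static async Task Main()
    {
        X509Certificate2 cert = LoadCertificate();
        IConfidentialClientApplication app = ConfidentialClientApplicationBuilder
            .Create(ClientId)
            .WithAuthority(AzureCloudInstance.AzurePublic, TenantId)
            // sendX5C: false matches the single-argument overload; true attaches the
            // certificate chain (first-party applications only, per the text above).
            .WithCertificate(cert, sendX5C: false)
            .Build();
        AuthenticationResult result = await app
            .AcquireTokenForClient(new[] { "https://graph.microsoft.com/.default" }) // sample scope
            .ExecuteAsync();
        Console.WriteLine($"Token expires {result.ExpiresOn:u}");
    }
}
```

Failing fast on a missing private key, an expired certificate or an undersized key surfaces the problem at startup rather than as a rejected token request.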