AppServicesAuthenticationTokenAcquisition.GetAccessTokenForUserAsync Method

Reference

Definition

Namespace:: Microsoft.Identity.Web

Assembly:: Microsoft.Identity.Web.dll

Package:: Microsoft.Identity.Web v3.3.1

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Typically used from an ASP.NET Core web app or web API controller. This method gets an access token for a downstream API on behalf of the user account for which the claims are provided in the current user

public System.Threading.Tasks.Task<string> GetAccessTokenForUserAsync (System.Collections.Generic.IEnumerable<string> scopes, string? authenticationScheme, string? tenantId = default, string? userFlow = default, System.Security.Claims.ClaimsPrincipal? user = default, Microsoft.Identity.Web.TokenAcquisitionOptions? tokenAcquisitionOptions = default);

abstract member GetAccessTokenForUserAsync : seq<string> * string * string * string * System.Security.Claims.ClaimsPrincipal * Microsoft.Identity.Web.TokenAcquisitionOptions -> System.Threading.Tasks.Task<string>
override this.GetAccessTokenForUserAsync : seq<string> * string * string * string * System.Security.Claims.ClaimsPrincipal * Microsoft.Identity.Web.TokenAcquisitionOptions -> System.Threading.Tasks.Task<string>

Public Function GetAccessTokenForUserAsync (scopes As IEnumerable(Of String), authenticationScheme As String, Optional tenantId As String = Nothing, Optional userFlow As String = Nothing, Optional user As ClaimsPrincipal = Nothing, Optional tokenAcquisitionOptions As TokenAcquisitionOptions = Nothing) As Task(Of String)

Parameters

scopes: IEnumerable<String>

Scopes to request for the downstream API to call.

authenticationScheme: String

Authentication scheme. If null, will use OpenIdConnectDefault.AuthenticationScheme if called from a web app, and JwtBearerDefault.AuthenticationScheme if called from a web API.

tenantId: String

Enables to override the tenant/account for the same identity. This is useful in the cases where a given account is guest in other tenants, and you want to acquire tokens for a specific tenant.

userFlow: String

Azure AD B2C UserFlow to target.

user: ClaimsPrincipal

Optional claims principal representing the user. If not provided, will use the signed-in user (in a web app), or the user for which the token was received (in a web API) cases where a given account is guest in other tenants, and you want to acquire tokens for a specific tenant, like where the user is a guest in.

tokenAcquisitionOptions: TokenAcquisitionOptions

Options passed-in to create the token acquisition object which calls into MSAL .NET.

Returns

Task<String>

An access token to call on behalf of the user, the downstream API characterized by its scopes.

Implements

GetAccessTokenForUserAsync(IEnumerable<String>, String, String, String, ClaimsPrincipal, TokenAcquisitionOptions)

Applies to

共用方式為