AppServicesAuthenticationTokenAcquisition.GetAuthenticationResultForAppAsync Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Acquires an authentication result from the authority configured in the app, for the confidential client itself (not on behalf of a user) using the client credentials flow. See https://aka.ms/msal-net-client-credentials.
public System.Threading.Tasks.Task<Microsoft.Identity.Client.AuthenticationResult> GetAuthenticationResultForAppAsync (string scope, string? authenticationScheme, string? tenant = default, Microsoft.Identity.Web.TokenAcquisitionOptions? tokenAcquisitionOptions = default);
abstract member GetAuthenticationResultForAppAsync : string * string * string * Microsoft.Identity.Web.TokenAcquisitionOptions -> System.Threading.Tasks.Task<Microsoft.Identity.Client.AuthenticationResult>
override this.GetAuthenticationResultForAppAsync : string * string * string * Microsoft.Identity.Web.TokenAcquisitionOptions -> System.Threading.Tasks.Task<Microsoft.Identity.Client.AuthenticationResult>
Public Function GetAuthenticationResultForAppAsync (scope As String, authenticationScheme As String, Optional tenant As String = Nothing, Optional tokenAcquisitionOptions As TokenAcquisitionOptions = Nothing) As Task(Of AuthenticationResult)
Parameters
- scope
- String
The scope requested to access a protected API. For this flow (client credentials), the scope
should be of the form "{ResourceIdUri/.default}" for instance https://management.azure.net/.default
or, for Microsoft
Graph, https://graph.microsoft.com/.default
as the requested scopes are defined statically with the application registration
in the portal, and cannot be overridden in the application, as you can request a token for only one resource at a time (use
several calls to get tokens for other resources).
- authenticationScheme
- String
Authentication scheme. If null, will use OpenIdConnectDefault.AuthenticationScheme if called from a web app, and JwtBearerDefault.AuthenticationScheme if called from a web API.
- tenant
- String
Enables overriding of the tenant/account for the same identity. This is useful for multi tenant apps or daemons.
- tokenAcquisitionOptions
- TokenAcquisitionOptions
Options passed-in to create the token acquisition object which calls into MSAL .NET.
Returns
An authentication result for the app itself, based on its scopes.