ClientApplication class
Base abstract class for all ClientApplications - public and confidential
Methods
| acquire |
Acquires a token by exchanging the Authorization Code received from the first step of OAuth2.0
Authorization Code flow.
|
| acquire |
Acquires a token by exchanging the refresh token provided for a new set of tokens.
This API is provided only for scenarios where you would like to migrate from ADAL to MSAL. Otherwise, it is
recommended that you use |
| acquire |
Acquires tokens with password grant by exchanging client applications username and password for credentials The latest OAuth 2.0 Security Best Current Practice disallows the password grant entirely. More details on this recommendation at https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13#section-3.4 Microsoft's documentation and recommendations are at: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-authentication-flows#usernamepassword |
| acquire |
Acquires a token silently when a user specifies the account the token is requested for.
This API expects the user to provide an account object and looks into the cache to retrieve the token if present.
There is also an optional "forceRefresh" boolean the user can send to bypass the cache for access_token and id_token.
In case the refresh_token is expired or not found, an error is thrown
and the guidance is for the user to call any interactive token acquisition API (eg: |
| clear |
Clear the cache |
| get |
Creates the URL of the authorization request, letting the user input credentials and consent to the
application. The URL targets the /authorize endpoint of the authority configured in the
application object.
Once the user inputs their credentials and consents, the authority will send a response to the redirect URI
sent in the request and should contain an authorization code, which can then be used to acquire tokens via
|
| get |
Returns the logger instance |
| get |
Gets the token cache for the application. |
| set |
Replaces the default logger set in configurations with new Logger with new configurations |
Method Details
acquireTokenByCode(AuthorizationCodeRequest, AuthorizationCodePayload)
Acquires a token by exchanging the Authorization Code received from the first step of OAuth2.0
Authorization Code flow.
getAuthCodeUrl(AuthorizationCodeUrlRequest) can be used to create the URL for the first step of OAuth2.0
Authorization Code flow. Ensure that values for redirectUri and scopes in AuthorizationCodeUrlRequest and
AuthorizationCodeRequest are the same.
function acquireTokenByCode(request: AuthorizationCodeRequest, authCodePayLoad?: AuthorizationCodePayload): Promise<AuthenticationResult>Parameters
- request
- AuthorizationCodeRequest
- authCodePayLoad
-
AuthorizationCodePayload
Returns
Promise<AuthenticationResult>
acquireTokenByRefreshToken(RefreshTokenRequest)
Acquires a token by exchanging the refresh token provided for a new set of tokens.
This API is provided only for scenarios where you would like to migrate from ADAL to MSAL. Otherwise, it is
recommended that you use acquireTokenSilent() for silent scenarios. When using acquireTokenSilent(), MSAL will
handle the caching and refreshing of tokens automatically.
function acquireTokenByRefreshToken(request: RefreshTokenRequest): Promise<AuthenticationResult | null>Parameters
- request
- RefreshTokenRequest
Returns
Promise<AuthenticationResult | null>
acquireTokenByUsernamePassword(UsernamePasswordRequest)
Acquires tokens with password grant by exchanging client applications username and password for credentials The latest OAuth 2.0 Security Best Current Practice disallows the password grant entirely. More details on this recommendation at https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13#section-3.4 Microsoft's documentation and recommendations are at: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-authentication-flows#usernamepassword
function acquireTokenByUsernamePassword(request: UsernamePasswordRequest): Promise<AuthenticationResult | null>Parameters
- request
- UsernamePasswordRequest
UsenamePasswordRequest
Returns
Promise<AuthenticationResult | null>
acquireTokenSilent(SilentFlowRequest)
Acquires a token silently when a user specifies the account the token is requested for.
This API expects the user to provide an account object and looks into the cache to retrieve the token if present.
There is also an optional "forceRefresh" boolean the user can send to bypass the cache for access_token and id_token.
In case the refresh_token is expired or not found, an error is thrown
and the guidance is for the user to call any interactive token acquisition API (eg: acquireTokenByCode()).
function acquireTokenSilent(request: SilentFlowRequest): Promise<AuthenticationResult | null>Parameters
- request
- SilentFlowRequest
Returns
Promise<AuthenticationResult | null>
clearCache()
Clear the cache
function clearCache()
getAuthCodeUrl(AuthorizationUrlRequest)
Creates the URL of the authorization request, letting the user input credentials and consent to the
application. The URL targets the /authorize endpoint of the authority configured in the
application object.
Once the user inputs their credentials and consents, the authority will send a response to the redirect URI
sent in the request and should contain an authorization code, which can then be used to acquire tokens via
acquireTokenByCode(AuthorizationCodeRequest).
function getAuthCodeUrl(request: AuthorizationUrlRequest): Promise<string>Parameters
- request
- AuthorizationUrlRequest
Returns
Promise<string>
getLogger()
Returns the logger instance
function getLogger(): LoggerReturns
Logger
getTokenCache()
setLogger(Logger)
Replaces the default logger set in configurations with new Logger with new configurations
function setLogger(logger: Logger)Parameters
- logger
-
Logger
Logger instance