Share via


TokenAcquisitionOptions Class

Definition

Options passed-in to create the token acquisition object which calls into MSAL .NET.

public class TokenAcquisitionOptions : Microsoft.Identity.Abstractions.AcquireTokenOptions
type TokenAcquisitionOptions = class
    inherit AcquireTokenOptions
Public Class TokenAcquisitionOptions
Inherits AcquireTokenOptions
Inheritance
TokenAcquisitionOptions

Constructors

TokenAcquisitionOptions()

Properties

AuthenticationOptionsName

Gets the name of the options describing the confidential client application (ClientID, Region, Authority, client credentials). In ASP.NET Core, the authentication options name is the same as the authentication scheme.

(Inherited from AcquireTokenOptions)
CancellationToken

Cancellation token to be used when calling the token acquisition methods.

Claims

A string with one or multiple claims to request. It's a json blob (encoded or not) Normally used with Conditional Access. It receives the Claims member of the UiRequiredException. It can also be used to request specific optional claims, and for CA Auth context

(Inherited from AcquireTokenOptions)
CorrelationId

Sets the correlation ID to be used in the request to the STS "/token" endpoint.

(Inherited from AcquireTokenOptions)
ExtraHeadersParameters (Inherited from AcquireTokenOptions)
ExtraParameters

An property bag used for extensiblity.

(Inherited from AcquireTokenOptions)
ExtraQueryParameters

Sets query parameters for the query string in the HTTP request to the "/token" endpoint.

(Inherited from AcquireTokenOptions)
ForceRefresh

Specifies if the token request will ignore the access token in the token cache and will attempt to acquire a new access token. If true, the request will ignore the token cache. The default is false. Use this option with care and only when needed, for instance, if you know that conditional access policies have changed, for it induces performance degradation, as the token cache is not utilized, and the STS might throttle the app.

(Inherited from AcquireTokenOptions)
LongRunningWebApiSessionKey

Key used for long running web APIs that need to call downstream web APIs on behalf of the user. Can be null, if you are not developing a long running web API, LongRunningWebApiSessionKeyAuto if you want the token acquirer to allocate a session key for you, or your own string if you want to associate the session with some information you have externally (for instance a Microsoft Graph hook identifier).

(Inherited from AcquireTokenOptions)
ManagedIdentity

When ManagedIdentity is set, the application uses a managed identity instead of client credentials to acquire an app token. To use a system-assigned identity, simply leave UserAssignedClientId null. To use a user-assigned identity, set UserAssignedClientId to the ClientID of the user-assigned identity you want to use. Using either form of managed identity requires the application to be deployed on Azure and the managed identity to be configured. For more details, check the managed identities for Azure documentation.

(Inherited from AcquireTokenOptions)
PopClaim

In addition to the PopPublicKey, specify the PopClaim when needed in specific POP protocols.

(Inherited from AcquireTokenOptions)
PoPConfiguration

Modifies the token acquisition request so that the acquired token is a Proof of Possession token (PoP), rather than a Bearer token. PoP tokens are similar to Bearer tokens, but are bound to the HTTP request and to a cryptographic key, which MSAL can manage. See https://aka.ms/msal-net-pop.

PopPublicKey

Modifies the token acquisition request so that the acquired token is a Proof of Possession token (PoP), rather than a Bearer token. PoP tokens are similar to Bearer tokens, but are bound to the HTTP request and to a cryptographic key, which MSAL can manage. See https://aka.ms/msal-net-pop.

(Inherited from AcquireTokenOptions)
Tenant

(Microsoft identity specific) Enables to override the tenant/account for which to get a token. This is useful in multi-tenant apps in the cases where a given user account is a guest in other tenants, and you want to acquire tokens for a specific tenant.

(Inherited from AcquireTokenOptions)
UserFlow

(Microsoft identity specific) In the case of AzureAD B2C, uses a particular user flow.

(Inherited from AcquireTokenOptions)

Methods

Clone()

Clone the options (to be able to override them).

Applies to