InteractiveBrowserCredentialBrokerOptions Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Options to configure the InteractiveBrowserCredential to use the system authentication broker in lieu of an embedded web view or the system browser. For more information, see Interactive brokered authentication.
public class InteractiveBrowserCredentialBrokerOptions : Azure.Identity.InteractiveBrowserCredentialOptions
type InteractiveBrowserCredentialBrokerOptions = class
inherit InteractiveBrowserCredentialOptions
Public Class InteractiveBrowserCredentialBrokerOptions
Inherits InteractiveBrowserCredentialOptions
- Inheritance
-
InteractiveBrowserCredentialBrokerOptions
Constructors
InteractiveBrowserCredentialBrokerOptions(IntPtr) |
Creates a new instance of InteractiveBrowserCredentialBrokerOptions to configure a InteractiveBrowserCredential. |
Properties
AdditionallyAllowedTenants |
Specifies tenants in addition to the specified TenantId for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the logged in account can access. If no value is specified for TenantId, this option will have no effect, and the credential will acquire tokens for any requested tenant. (Inherited from InteractiveBrowserCredentialOptions) |
AuthenticationRecord |
The AuthenticationRecord captured from a previous authentication. (Inherited from InteractiveBrowserCredentialOptions) |
AuthorityHost |
The host of the Microsoft Entra authority. The default is https://login.microsoftonline.com/. For well known authority hosts for Azure cloud instances see AzureAuthorityHosts. (Inherited from TokenCredentialOptions) |
BrowserCustomization |
The options for customizing the browser for interactive authentication. (Inherited from InteractiveBrowserCredentialOptions) |
ClientId |
The client ID of the application used to authenticate the user. It is recommended that developers register their applications and assign appropriate roles. For more information, visit https://aka.ms/azsdk/identity/AppRegistrationAndRoleAssignment. If not specified, users will authenticate to an Azure development application, which is not recommended for production scenarios. (Inherited from InteractiveBrowserCredentialOptions) |
Diagnostics |
Gets the credential diagnostic options. (Inherited from TokenCredentialOptions) |
DisableAutomaticAuthentication |
Prevents the InteractiveBrowserCredential from automatically prompting the user. If automatic authentication is disabled a AuthenticationRequiredException will be thrown from GetToken(TokenRequestContext, CancellationToken) and GetTokenAsync(TokenRequestContext, CancellationToken) in the case that user interaction is necessary. The application is responsible for handling this exception, and calling Authenticate(CancellationToken) or AuthenticateAsync(CancellationToken) to authenticate the user interactively. (Inherited from InteractiveBrowserCredentialOptions) |
DisableInstanceDiscovery |
Gets or sets the setting which determines whether or not instance discovery is performed when attempting to authenticate.
Setting this to true will completely disable both instance discovery and authority validation.
This functionality is intended for use in scenarios where the metadata endpoint cannot be reached, such as in private clouds or Azure Stack.
The process of instance discovery entails retrieving authority metadata from https://login.microsoft.com/ to validate the authority.
By setting this to |
IsLegacyMsaPassthroughEnabled |
Gets or sets whether Microsoft Account (MSA) passthrough is enabled. |
IsUnsafeSupportLoggingEnabled |
Gets or sets value indicating if ETW logging that contains potentially sensitive content should be logged.
Setting this property to true will not disable redaction of Request Content. To enable logging of sensitive Content
the IsLoggingContentEnabled property must be set to |
LoginHint |
Avoids the account prompt and pre-populates the username of the account to login. (Inherited from InteractiveBrowserCredentialOptions) |
RedirectUri |
Uri where the STS will call back the application with the security token. This parameter is not required if the caller is not using a custom ClientId. In the case that the caller is using their own ClientId the value must match the redirect url specified when creating the application registration. (Inherited from InteractiveBrowserCredentialOptions) |
Retry |
Gets the client retry options. (Inherited from ClientOptions) |
RetryPolicy |
Gets or sets the policy to use for retries. If a policy is specified, it will be used in place of the Retry property. The RetryPolicy type can be derived from to modify the default behavior without needing to fully implement the retry logic. If Process(HttpMessage, ReadOnlyMemory<HttpPipelinePolicy>) is overridden or a custom HttpPipelinePolicy is specified, it is the implementer's responsibility to update the ProcessingContext values. (Inherited from ClientOptions) |
TenantId |
The tenant ID the user will be authenticated to. If not specified the user will be authenticated to the home tenant. (Inherited from InteractiveBrowserCredentialOptions) |
TokenCachePersistenceOptions |
Specifies the TokenCachePersistenceOptions to be used by the credential. If not options are specified, the token cache will not be persisted to disk. (Inherited from InteractiveBrowserCredentialOptions) |
Transport |
The HttpPipelineTransport to be used for this client. Defaults to an instance of HttpClientTransport. (Inherited from ClientOptions) |
UseDefaultBrokerAccount |
Gets or sets whether to authenticate with the default broker account instead of prompting the user with a login dialog. |
Methods
AddPolicy(HttpPipelinePolicy, HttpPipelinePosition) |
Adds an HttpPipeline policy into the client pipeline. The position of policy in the pipeline is controlled by the |