InteractiveBrowserCredentialBuilder Class
- java.
lang. Object - com.
azure. identity. CredentialBuilderBase<T> - com.
azure. identity. AadCredentialBuilderBase<T> - com.
azure. identity. InteractiveBrowserCredentialBuilder
- com.
- com.
- com.
public class InteractiveBrowserCredentialBuilder
extends AadCredentialBuilderBase<InteractiveBrowserCredentialBuilder>
Fluent credential builder for instantiating a InteractiveBrowserCredential.
Interactive browser authentication is a type of authentication flow offered by Microsoft Entra ID that enables users to sign in to applications and services using a web browser. This authentication method is commonly used for web applications, where users enter their credentials directly into a web page. With interactive browser authentication, the user navigates to a web application and is prompted to enter their username and password credentials. The application then redirects the user to the Microsoft Entra ID sign-in page, where they are prompted to enter their credentials again. After the user successfully authenticates, Microsoft Entra ID issues a security token that the application can use to authorize the user's access to its resources. The InteractiveBrowserCredential interactively authenticates a user and acquires a token with the default system browser and offers a smooth authentication experience by letting a user use their own credentials to authenticate the application. When authenticated, the oauth2 flow notifies the credential of the authentication code through the reply URL. For more information refer to the conceptual knowledge and configuration details.
Sample: Construct InteractiveBrowserCredential
The following code sample demonstrates the creation of a InteractiveBrowserCredential, using the InteractiveBrowserCredentialBuilder to configure it. By default, the credential targets a localhost redirect URL, to override that behaviour a redirectUrl(String redirectUrl) can be optionally specified. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.
TokenCredential interactiveBrowserCredential = new InteractiveBrowserCredentialBuilder().redirectUrl(
"http://localhost:8765").build();
Constructor Summary
Constructor | Description |
---|---|
InteractiveBrowserCredentialBuilder() |
Constructs an instance of Interactive |
Method Summary
Modifier and Type | Method and Description |
---|---|
Interactive |
additionallyAllowedTenants(String[] additionallyAllowedTenants)
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. |
Interactive |
additionallyAllowedTenants(List<String> additionallyAllowedTenants)
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. |
Interactive |
authenticationRecord(AuthenticationRecord authenticationRecord)
Sets the AuthenticationRecord captured from a previous authentication. |
Interactive |
browserCustomizationOptions(BrowserCustomizationOptions browserCustomizationOptions)
Configures the options for customizing the browser for interactive authentication. |
Interactive |
build()
Creates a new InteractiveBrowserCredential with the current configurations. |
Interactive |
clientId(String clientId)
Sets the client ID of the Microsoft Entra application that users will sign in to. |
Interactive |
disableAutomaticAuthentication()
Disables the automatic authentication and prevents the InteractiveBrowserCredential from automatically prompting the user. |
Interactive |
loginHint(String loginHint)
Sets the username suggestion to pre-fill the login page's username/email address field. |
Interactive |
port(int port)
Deprecated
Configure the redirect URL as
http://localhost:{port} via redirectUrl(String redirectUrl) instead.
Sets the port for the local HTTP server, for which |
Interactive |
redirectUrl(String redirectUrl)
Sets the Redirect URL where STS will callback the application with the security code. |
Interactive |
tokenCachePersistenceOptions(TokenCachePersistenceOptions tokenCachePersistenceOptions)
Configures the persistent shared token cache options and enables the persistent token cache which is disabled by default. |
Methods inherited from AadCredentialBuilderBase
Methods inherited from CredentialBuilderBase
Methods inherited from java.lang.Object
Constructor Details
InteractiveBrowserCredentialBuilder
public InteractiveBrowserCredentialBuilder()
Constructs an instance of InteractiveBrowserCredentialBuilder.
Method Details
additionallyAllowedTenants
public InteractiveBrowserCredentialBuilder additionallyAllowedTenants(String[] additionallyAllowedTenants)
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant on which the application is installed. If no value is specified for TenantId this option will have no effect, and the credential will acquire tokens for any requested tenant.
Overrides:
InteractiveBrowserCredentialBuilder.additionallyAllowedTenants(String[] additionallyAllowedTenants)Parameters:
Returns:
additionallyAllowedTenants
public InteractiveBrowserCredentialBuilder additionallyAllowedTenants(List
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant on which the application is installed. If no value is specified for TenantId this option will have no effect, and the credential will acquire tokens for any requested tenant.
Overrides:
InteractiveBrowserCredentialBuilder.additionallyAllowedTenants(List<String> additionallyAllowedTenants)Parameters:
Returns:
authenticationRecord
public InteractiveBrowserCredentialBuilder authenticationRecord(AuthenticationRecord authenticationRecord)
Sets the AuthenticationRecord captured from a previous authentication.
Parameters:
Returns:
browserCustomizationOptions
public InteractiveBrowserCredentialBuilder browserCustomizationOptions(BrowserCustomizationOptions browserCustomizationOptions)
Configures the options for customizing the browser for interactive authentication.
Parameters:
Returns:
build
public InteractiveBrowserCredential build()
Creates a new InteractiveBrowserCredential with the current configurations.
Returns:
clientId
public InteractiveBrowserCredentialBuilder clientId(String clientId)
Sets the client ID of the Microsoft Entra application that users will sign in to. It is recommended that developers register their applications and assign appropriate roles. For more information, visit this doc for app registration. If not specified, users will authenticate to an Azure development application, which is not recommended for production scenarios.
Overrides:
InteractiveBrowserCredentialBuilder.clientId(String clientId)Parameters:
Returns:
disableAutomaticAuthentication
public InteractiveBrowserCredentialBuilder disableAutomaticAuthentication()
Disables the automatic authentication and prevents the InteractiveBrowserCredential from automatically prompting the user. If automatic authentication is disabled a AuthenticationRequiredException will be thrown from getToken(TokenRequestContext request) in the case that user interaction is necessary. The application is responsible for handling this exception, and calling authenticate() or authenticate(TokenRequestContext request) to authenticate the user interactively.
Returns:
loginHint
public InteractiveBrowserCredentialBuilder loginHint(String loginHint)
Sets the username suggestion to pre-fill the login page's username/email address field. A user may still log in with a different username.
Parameters:
Returns:
port
@Deprecated
public InteractiveBrowserCredentialBuilder port(int port)
Deprecated
http://localhost:{port}
via redirectUrl(String redirectUrl) instead.
Sets the port for the local HTTP server, for which http://localhost:{port}
must be registered as a valid reply URL on the application.
Parameters:
Returns:
redirectUrl
public InteractiveBrowserCredentialBuilder redirectUrl(String redirectUrl)
Sets the Redirect URL where STS will callback the application with the security code. It is required if a custom client id is specified via clientId(String clientId) and must match the redirect URL specified during the application registration.
Parameters:
Returns:
tokenCachePersistenceOptions
public InteractiveBrowserCredentialBuilder tokenCachePersistenceOptions(TokenCachePersistenceOptions tokenCachePersistenceOptions)
Configures the persistent shared token cache options and enables the persistent token cache which is disabled by default. If configured, the credential will store tokens in a cache persisted to the machine, protected to the current user, which can be shared by other credentials and processes.
Parameters:
Returns: