Table of Contents

Class ChainedTokenCredential

Namespace
Azure.Identity
Assembly
Azure.Identity.dll

Provides a Azure.Core.TokenCredential implementation which chains multiple Azure.Core.TokenCredential implementations to be tried in order until one of the getToken methods returns a non-default Azure.Core.AccessToken.

public class ChainedTokenCredential : TokenCredential
Inheritance
ChainedTokenCredential

Examples

The ChainedTokenCredential class provides the ability to link together multiple credential instances to be tried sequentially when authenticating. The following example demonstrates creating a credential which will attempt to authenticate using managed identity, and fall back to Azure CLI for authentication if a managed identity is unavailable in the current environment. 

// Authenticate using managed identity if it is available; otherwise use the Azure CLI to authenticate.

var credential = new ChainedTokenCredential(new ManagedIdentityCredential(), new AzureCliCredential());


var eventHubProducerClient = new EventHubProducerClient("myeventhub.eventhubs.windows.net", "myhubpath", credential);

Constructors

ChainedTokenCredential()

Protected constructor for mocking.

protected ChainedTokenCredential()

ChainedTokenCredential(params TokenCredential[])

Creates an instance with the specified Azure.Core.TokenCredential sources.

public ChainedTokenCredential(params TokenCredential[] sources)

Parameters

sources TokenCredential[]

The ordered chain of Azure.Core.TokenCredential implementations to tried when calling GetToken(TokenRequestContext, CancellationToken) or GetTokenAsync(TokenRequestContext, CancellationToken)

Methods

GetToken(TokenRequestContext, CancellationToken)

Sequentially calls Azure.Core.TokenCredential.GetToken(Azure.Core.TokenRequestContext,System.Threading.CancellationToken) on all the specified sources, returning the first successfully obtained Azure.Core.AccessToken. Acquired tokens are cached by the credential instance. Token lifetime and refreshing is handled automatically. Where possible, reuse credential instances to optimize cache effectiveness.

public override AccessToken GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken = default)

Parameters

requestContext TokenRequestContext

The details of the authentication request.

cancellationToken CancellationToken

A CancellationToken controlling the request lifetime.

Returns

AccessToken

The first Azure.Core.AccessToken returned by the specified sources. Any credential which raises a CredentialUnavailableException will be skipped.

GetTokenAsync(TokenRequestContext, CancellationToken)

Sequentially calls Azure.Core.TokenCredential.GetToken(Azure.Core.TokenRequestContext,System.Threading.CancellationToken) on all the specified sources, returning the first successfully obtained Azure.Core.AccessToken. Acquired tokens are cached by the credential instance. Token lifetime and refreshing is handled automatically. Where possible, reuse credential instances to optimize cache effectiveness.

public override ValueTask<AccessToken> GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken = default)

Parameters

requestContext TokenRequestContext

The details of the authentication request.

cancellationToken CancellationToken

A CancellationToken controlling the request lifetime.

Returns

ValueTask<AccessToken>

The first Azure.Core.AccessToken returned by the specified sources. Any credential which raises a CredentialUnavailableException will be skipped.