Class ClientAssertionCredential

Namespace: Azure.Identity

Assembly: Azure.Identity.dll

Enables authentication of a Microsoft Entra service principal using a signed client assertion.

public class ClientAssertionCredential : TokenCredential

Inheritance: object

ClientAssertionCredential

Constructors

ClientAssertionCredential()

Protected constructor for mocking.

protected ClientAssertionCredential()

ClientAssertionCredential(string, string, Func<string>, ClientAssertionCredentialOptions)

Creates an instance of the ClientCertificateCredential with a synchronous callback that provides a signed client assertion to authenticate against Microsoft Entra ID.

public ClientAssertionCredential(string tenantId, string clientId, Func<string> assertionCallback, ClientAssertionCredentialOptions options = null)

Parameters

tenantId string: The Microsoft Entra tenant (directory) ID of the service principal.
clientId string: The client (application) ID of the service principal
assertionCallback Func<string>: A synchronous callback returning a valid client assertion used to authenticate the service principal.
options ClientAssertionCredentialOptions: Options that allow to configure the management of the requests sent to Microsoft Entra ID.

ClientAssertionCredential(string, string, Func<CancellationToken, Task<string>>, ClientAssertionCredentialOptions)

Creates an instance of the ClientCertificateCredential with an asynchronous callback that provides a signed client assertion to authenticate against Microsoft Entra ID.

public ClientAssertionCredential(string tenantId, string clientId, Func<CancellationToken, Task<string>> assertionCallback, ClientAssertionCredentialOptions options = null)

Parameters

tenantId string: The Microsoft Entra tenant (directory) ID of the service principal.
clientId string: The client (application) ID of the service principal
assertionCallback Func<CancellationToken, Task<string>>: An asynchronous callback returning a valid client assertion used to authenticate the service principal.
options ClientAssertionCredentialOptions: Options that allow to configure the management of the requests sent to Microsoft Entra ID.

Methods

GetToken(TokenRequestContext, CancellationToken)

Obtains a token from Microsoft Entra ID, by calling the assertionCallback specified when constructing the credential to obtain a client assertion for authentication.

public override AccessToken GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken = default)

Parameters

requestContext TokenRequestContext: The details of the authentication request.
cancellationToken CancellationToken: A CancellationToken controlling the request lifetime.

Returns

AccessToken: An Azure.Core.AccessToken which can be used to authenticate service client calls.

GetTokenAsync(TokenRequestContext, CancellationToken)

Obtains a token from Microsoft Entra ID, by calling the assertionCallback specified when constructing the credential to obtain a client assertion for authentication.

public override ValueTask<AccessToken> GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken = default)

Parameters

requestContext TokenRequestContext: The details of the authentication request.
cancellationToken CancellationToken: A CancellationToken controlling the request lifetime.

Returns

ValueTask<AccessToken>: An Azure.Core.AccessToken which can be used to authenticate service client calls.

Table of Contents

Class ClientAssertionCredential

Constructors

ClientAssertionCredential()

ClientAssertionCredential(string, string, Func<string>, ClientAssertionCredentialOptions)

Parameters

ClientAssertionCredential(string, string, Func<CancellationToken, Task<string>>, ClientAssertionCredentialOptions)

Parameters

Methods

GetToken(TokenRequestContext, CancellationToken)

Parameters

Returns

GetTokenAsync(TokenRequestContext, CancellationToken)

Parameters

Returns