Class DefaultAzureCredentialOptions
Options to configure the DefaultAzureCredential authentication flow and requests made to Azure Identity services.
public class DefaultAzureCredentialOptions : TokenCredentialOptions- Inheritance
-
DefaultAzureCredentialOptions
- Inherited Members
Constructors
DefaultAzureCredentialOptions()
public DefaultAzureCredentialOptions()Properties
AdditionallyAllowedTenants
Specifies tenants in addition to the specified TenantId for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the logged in account can access. If no value is specified for TenantId, this option will have no effect on that authentication method, and the credential will acquire tokens for any requested tenant when using that method. This value can also be set by setting the environment variable AZURE_ADDITIONALLY_ALLOWED_TENANTS.
public IList<string> AdditionallyAllowedTenants { get; }Property Value
CredentialProcessTimeout
Specifies timeout for credentials invoked via sub-process. e.g. Visual Studio, Azure CLI, Azure PowerShell.
public TimeSpan? CredentialProcessTimeout { get; set; }Property Value
DisableInstanceDiscovery
public bool DisableInstanceDiscovery { get; set; }Property Value
ExcludeAzureCliCredential
Specifies whether the AzureCliCredential will be excluded from the DefaultAzureCredential authentication flow.
public bool ExcludeAzureCliCredential { get; set; }Property Value
ExcludeAzureDeveloperCliCredential
Specifies whether the AzureDeveloperCliCredential will be excluded from the DefaultAzureCredential authentication flow.
public bool ExcludeAzureDeveloperCliCredential { get; set; }Property Value
ExcludeAzurePowerShellCredential
Specifies whether the AzurePowerShellCredential will be excluded from the DefaultAzureCredential authentication flow.
public bool ExcludeAzurePowerShellCredential { get; set; }Property Value
ExcludeEnvironmentCredential
Specifies whether the EnvironmentCredential will be excluded from the authentication flow. Setting to true disables reading authentication details from the process' environment variables.
public bool ExcludeEnvironmentCredential { get; set; }Property Value
ExcludeInteractiveBrowserCredential
Specifies whether the InteractiveBrowserCredential will be excluded from the DefaultAzureCredential authentication flow.
Setting to true disables launching the default system browser to authenticate in development environments.
The default is true.
public bool ExcludeInteractiveBrowserCredential { get; set; }Property Value
ExcludeManagedIdentityCredential
Specifies whether the ManagedIdentityCredential will be excluded from the DefaultAzureCredential authentication flow. Setting to true disables authenticating with managed identity endpoints.
public bool ExcludeManagedIdentityCredential { get; set; }Property Value
ExcludeSharedTokenCacheCredential
Specifies whether the SharedTokenCacheCredential will be excluded from the DefaultAzureCredential authentication flow.
Setting to true disables single sign on authentication with development tools which write to the shared token cache.
The default is true.
public bool ExcludeSharedTokenCacheCredential { get; set; }Property Value
ExcludeVisualStudioCodeCredential
Specifies whether the VisualStudioCodeCredential will be excluded from the DefaultAzureCredential authentication flow.
The default is true.
public bool ExcludeVisualStudioCodeCredential { get; set; }Property Value
ExcludeVisualStudioCredential
Specifies whether the VisualStudioCredential will be excluded from the DefaultAzureCredential authentication flow.
public bool ExcludeVisualStudioCredential { get; set; }Property Value
ExcludeWorkloadIdentityCredential
Specifies whether the WorkloadIdentityCredential will be excluded from the authentication flow. Setting to true disables reading authentication details from the process' environment variables.
public bool ExcludeWorkloadIdentityCredential { get; set; }Property Value
InteractiveBrowserCredentialClientId
Specifies the client id of the selected credential
public string InteractiveBrowserCredentialClientId { get; set; }Property Value
ManagedIdentityClientId
Specifies the client ID of a user-assigned managed identity. If this value is configured, then ManagedIdentityResourceId should not be configured.
public string ManagedIdentityClientId { get; set; }Property Value
Remarks
If neither the ManagedIdentityClientId nor the ManagedIdentityResourceId property is set, then a system-assigned managed identity is used.
ManagedIdentityResourceId
Specifies the resource ID of a user-assigned managed identity. If this value is configured, then ManagedIdentityClientId should not be configured.
public ResourceIdentifier ManagedIdentityResourceId { get; set; }Property Value
- ResourceIdentifier
Remarks
If neither the ManagedIdentityClientId nor the ManagedIdentityResourceId property is set, then a system-assigned managed identity is used.
SharedTokenCacheUsername
Specifies the preferred authentication account to be retrieved from the shared token cache for single sign on authentication with development tools. In the case multiple accounts are found in the shared token.
public string SharedTokenCacheUsername { get; set; }Property Value
Remarks
If multiple accounts are found in the shared token cache and no value is specified, or the specified value matches no accounts in the cache the SharedTokenCacheCredential will not be used for authentication.
TenantId
The ID of the tenant to which the credential will authenticate by default. If not specified, the credential will authenticate to any requested tenant, and will default to the tenant to which the chosen authentication method was originally authenticated.
public string TenantId { get; set; }Property Value
WorkloadIdentityClientId
Specifies the client id of the application the workload identity will authenticate.
public string WorkloadIdentityClientId { get; set; }