Class ManagedIdentityCredential
Attempts authentication using a managed identity that has been assigned to the deployment environment. This authentication type works for all Azure-hosted environments that support managed identity. More information about configuring managed identities can be found at https://learn.microsoft.com/entra/identity/managed-identities-azure-resources/overview.
public class ManagedIdentityCredential : TokenCredential- Inheritance
-
ManagedIdentityCredential
Constructors
ManagedIdentityCredential()
Protected constructor for mocking.
protected ManagedIdentityCredential()ManagedIdentityCredential(ResourceIdentifier, TokenCredentialOptions)
Creates an instance of ManagedIdentityCredential capable of authenticating a resource with a user-assigned managed identity.
public ManagedIdentityCredential(ResourceIdentifier resourceId, TokenCredentialOptions options = null)Parameters
resourceIdResourceIdentifierThe resource ID to authenticate for a user-assigned managed identity.
optionsTokenCredentialOptionsOptions to configure the management of the requests sent to Microsoft Entra ID.
ManagedIdentityCredential(string, TokenCredentialOptions)
Creates an instance of ManagedIdentityCredential capable of authenticating a resource with a user-assigned or a system-assigned managed identity.
public ManagedIdentityCredential(string clientId = null, TokenCredentialOptions options = null)Parameters
clientIdstringThe client ID to authenticate for a user-assigned managed identity. If not provided, a system-assigned managed identity is used.
optionsTokenCredentialOptionsOptions to configure the management of the requests sent to Microsoft Entra ID.
Methods
GetToken(TokenRequestContext, CancellationToken)
Obtains an Azure.Core.AccessToken from the Managed Identity service, if available. Acquired tokens are cached by the credential instance. Token lifetime and refreshing is handled automatically. Where possible, reuse credential instances to optimize cache effectiveness.
public override AccessToken GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken = default)Parameters
requestContextTokenRequestContextThe details of the authentication request.
cancellationTokenCancellationTokenA CancellationToken controlling the request lifetime.
Returns
- AccessToken
An Azure.Core.AccessToken which can be used to authenticate service client calls, or a default Azure.Core.AccessToken if no managed identity is available.
GetTokenAsync(TokenRequestContext, CancellationToken)
Obtains an Azure.Core.AccessToken from the Managed Identity service, if available. Acquired tokens are cached by the credential instance. Token lifetime and refreshing is handled automatically. Where possible, reuse credential instances to optimize cache effectiveness.
public override ValueTask<AccessToken> GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken = default)Parameters
requestContextTokenRequestContextThe details of the authentication request.
cancellationTokenCancellationTokenA CancellationToken controlling the request lifetime.
Returns
- ValueTask<AccessToken>
An Azure.Core.AccessToken which can be used to authenticate service client calls, or a default Azure.Core.AccessToken if no managed identity is available.