Table of Contents

Class AbstractAcquireTokenParameterBuilder<T>

Namespace
Microsoft.Identity.Client
Assembly
Microsoft.Identity.Client.dll

Base class for builders of token requests, which attempt to acquire a token based on the provided parameters.

public abstract class AbstractAcquireTokenParameterBuilder<T> : BaseAbstractAcquireTokenParameterBuilder<T> where T : BaseAbstractAcquireTokenParameterBuilder<T>

Type Parameters

T
Inheritance
AbstractAcquireTokenParameterBuilder<T>
Derived
Inherited Members

Constructors

AbstractAcquireTokenParameterBuilder()

Default constructor for AbstractAcquireTokenParameterBuilder.

protected AbstractAcquireTokenParameterBuilder()

Methods

WithAdfsAuthority(string, bool)

Adds a known Authority corresponding to an ADFS server. See https://aka.ms/msal-net-adfs.

public T WithAdfsAuthority(string authorityUri, bool validateAuthority = true)

Parameters

authorityUri string

Authority URL for an ADFS server.

validateAuthority bool

Whether the authority should be validated against the server metadata.

Returns

T

The builder to chain the .With methods.

Remarks

MSAL.NET supports ADFS 2019 or later.

WithB2CAuthority(string)

Adds a known authority corresponding to an Azure AD B2C policy. See https://aka.ms/msal-net-b2c-specificities

public T WithB2CAuthority(string authorityUri)

Parameters

authorityUri string

Azure AD B2C authority, including the B2C policy (for instance "https://fabrikamb2c.b2clogin.com/tfp/{Tenant}/{policy}

Returns

T

The builder to chain the .With methods.

WithClaims(string)

Sets claims in the query. Use when the AAD admin has enabled conditional access. Acquiring the token normally will result in a MsalUiRequiredException with the Claims property set. Retry the token acquisition, and use this value in the WithClaims(string) method. See https://aka.ms/msal-exceptions for details as well as https://aka.ms/msal-net-claim-challenge.

public T WithClaims(string claims)

Parameters

claims string

A string with one or multiple claims.

Returns

T

The builder to chain .With methods.

WithExtraQueryParameters(string)

Sets Extra Query Parameters for the query string in the HTTP authentication request.

public T WithExtraQueryParameters(string extraQueryParameters)

Parameters

extraQueryParameters string

This parameter will be appended as is to the query string in the HTTP authentication request to the authority. The string needs to be properly URL-encoded and ready to send as a string of segments of the form key=value separated by an ampersand character.

Returns

T

The builder to chain .With methods.

WithScopes(IEnumerable<string>)

Specifies which scopes to request. This method is used when your application needs to specify the scopes needed to call a protected API. See https://docs.microsoft.com/azure/active-directory/develop/v2-permissions-and-consent to learn more about scopes, permissions and consent, and https://docs.microsoft.com/azure/active-directory/develop/msal-v1-app-scopes to learn how to create scopes for legacy applications which used to expose OAuth2 permissions.

protected T WithScopes(IEnumerable<string> scopes)

Parameters

scopes IEnumerable<string>

Scopes requested to access a protected API

Returns

T

The builder to chain the .With methods.

WithTenantId(string)

Overrides the tenant ID specified in the authority at the application level. This operation preserves the authority host (environment).

If an authority was not specified at the application level, the default used is https://login.microsoftonline.com/common.

public T WithTenantId(string tenantId)

Parameters

tenantId string

Tenant ID of the Microsoft Entra ID tenant or a domain associated with this Microsoft Entra ID tenant, in order to sign-in a user of a specific organization only.

Returns

T

The builder to chain the .With methods.

Remarks

The tenant should be more restrictive than the one configured at the application level, e.g. don't use "common". Does not affect authority validation, which is specified at the application level.

Exceptions

ArgumentNullException

Thrown if tenantId is null or an empty string.

ArgumentException

Thrown if tenantId is not well-formatted (for example, has spaces).

MsalClientException

Thrown in more general exception scenarios (for ex. if the application was configured with an authority that does not allow tenants).

WithTenantIdFromAuthority(Uri)

Extracts the tenant ID from the provided authority URI and overrides the tenant ID specified in the authority at the application level. This operation preserves the authority host (environment) provided to the application builder. If an authority was not provided to the application builder, this method will replace the tenant ID in the default authority - https://login.microsoftonline.com/common.

public T WithTenantIdFromAuthority(Uri authorityUri)

Parameters

authorityUri Uri

URI from which to extract the tenant ID

Returns

T

The builder to chain the .With methods.

Remarks

The tenant should be more restrictive than the one configured at the application level, e.g. don't use "common". Does not affect authority validation, which is specified at the application level.

Exceptions

ArgumentNullException

Thrown if authorityUri is null or an empty string.

ArgumentException

Thrown if authorityUri is not well-formatted (for example, has spaces).

MsalClientException

Thrown in general exception scenarios (for example if the application was configured with an authority that does not allow tenants).