Class DefaultAzureCredentialOptions

Options to configure the DefaultAzureCredential authentication flow and requests made to Azure Identity services.

Inheritance

Azure.Core.ClientOptions

TokenCredentialOptions

DefaultAzureCredentialOptions

Inherited Members

TokenCredentialOptions.AuthorityHost

TokenCredentialOptions.Diagnostics

TokenCredentialOptions.IsUnsafeSupportLoggingEnabled

Namespace: System.Dynamic.ExpandoObject

Assembly: Azure.Identity.dll

Syntax

public class DefaultAzureCredentialOptions : Azure.Identity.TokenCredentialOptions

Constructors

DefaultAzureCredentialOptions()

Declaration

public DefaultAzureCredentialOptions ();

Properties

AdditionallyAllowedTenants

Specifies tenants in addition to the specified TenantId for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the logged in account can access. If no value is specified for TenantId, this option will have no effect on that authentication method, and the credential will acquire tokens for any requested tenant when using that method. This value can also be set by setting the environment variable AZURE_ADDITIONALLY_ALLOWED_TENANTS.

Declaration

public System.Collections.Generic.IList<string> AdditionallyAllowedTenants { get; }

Property Value

System.Collections.Generic.IList<System.String>

CredentialProcessTimeout

Specifies timeout for credentials invoked via sub-process. e.g. Visual Studio, Azure CLI, Azure PowerShell.

Declaration

public Nullable<TimeSpan> CredentialProcessTimeout { get; set; }

Property Value

System.Nullable<System.TimeSpan>

DisableInstanceDiscovery

Declaration

public bool DisableInstanceDiscovery { get; set; }

Property Value

System.Boolean

ExcludeAzureCliCredential

Specifies whether the AzureCliCredential will be excluded from the DefaultAzureCredential authentication flow.

Declaration

public bool ExcludeAzureCliCredential { get; set; }

Property Value

System.Boolean

ExcludeAzureDeveloperCliCredential

Specifies whether the AzureDeveloperCliCredential will be excluded from the DefaultAzureCredential authentication flow.

Declaration

public bool ExcludeAzureDeveloperCliCredential { get; set; }

Property Value

System.Boolean

ExcludeAzurePowerShellCredential

Specifies whether the AzurePowerShellCredential will be excluded from the DefaultAzureCredential authentication flow.

Declaration

public bool ExcludeAzurePowerShellCredential { get; set; }

Property Value

System.Boolean

ExcludeEnvironmentCredential

Specifies whether the EnvironmentCredential will be excluded from the authentication flow. Setting to true disables reading authentication details from the process' environment variables.

Declaration

public bool ExcludeEnvironmentCredential { get; set; }

Property Value

System.Boolean

ExcludeInteractiveBrowserCredential

Specifies whether the InteractiveBrowserCredential will be excluded from the DefaultAzureCredential authentication flow. Setting to true disables launching the default system browser to authenticate in development environments. The default is true.

Declaration

public bool ExcludeInteractiveBrowserCredential { get; set; }

Property Value

System.Boolean

ExcludeManagedIdentityCredential

Specifies whether the ManagedIdentityCredential will be excluded from the DefaultAzureCredential authentication flow. Setting to true disables authenticating with managed identity endpoints.

Declaration

public bool ExcludeManagedIdentityCredential { get; set; }

Property Value

System.Boolean

ExcludeSharedTokenCacheCredential

Specifies whether the SharedTokenCacheCredential will be excluded from the DefaultAzureCredential authentication flow. Setting to true disables single sign on authentication with development tools which write to the shared token cache. The default is true.

Declaration

public bool ExcludeSharedTokenCacheCredential { get; set; }

Property Value

System.Boolean

ExcludeVisualStudioCodeCredential

Specifies whether the VisualStudioCodeCredential will be excluded from the DefaultAzureCredential authentication flow. The default is true.

Declaration

public bool ExcludeVisualStudioCodeCredential { get; set; }

Property Value

System.Boolean

ExcludeVisualStudioCredential

Specifies whether the VisualStudioCredential will be excluded from the DefaultAzureCredential authentication flow.

Declaration

public bool ExcludeVisualStudioCredential { get; set; }

Property Value

System.Boolean

ExcludeWorkloadIdentityCredential

Specifies whether the WorkloadIdentityCredential will be excluded from the authentication flow. Setting to true disables reading authentication details from the process' environment variables.

Declaration

public bool ExcludeWorkloadIdentityCredential { get; set; }

Property Value

System.Boolean

InteractiveBrowserCredentialClientId

Specifies the client id of the selected credential

Declaration

public string InteractiveBrowserCredentialClientId { get; set; }

Property Value

System.String

InteractiveBrowserTenantId

The tenant id of the user to authenticate, in the case the DefaultAzureCredential authenticates through, the InteractiveBrowserCredential. The default is null and will authenticate users to their default tenant. The value can also be set by setting the environment variable AZURE_TENANT_ID.

Declaration

[System.ComponentModel.EditorBrowsable]
public string InteractiveBrowserTenantId { get; set; }

Property Value

System.String

ManagedIdentityClientId

Specifies the client ID of a user-assigned managed identity. If this value is configured, then ManagedIdentityResourceId should not be configured.

Declaration

public string ManagedIdentityClientId { get; set; }

Property Value

System.String

Remarks

If neither the ManagedIdentityClientId nor the ManagedIdentityResourceId property is set, then a system-assigned managed identity is used.

ManagedIdentityResourceId

Specifies the resource ID of a user-assigned managed identity. If this value is configured, then ManagedIdentityClientId should not be configured.

Declaration

public Azure.Core.ResourceIdentifier ManagedIdentityResourceId { get; set; }

Property Value

Azure.Core.ResourceIdentifier

Remarks

If neither the ManagedIdentityClientId nor the ManagedIdentityResourceId property is set, then a system-assigned managed identity is used.

SharedTokenCacheTenantId

Specifies the tenant id of the preferred authentication account, to be retrieved from the shared token cache for single sign on authentication with development tools, in the case multiple accounts are found in the shared token.

Declaration

[System.ComponentModel.EditorBrowsable]
public string SharedTokenCacheTenantId { get; set; }

Property Value

System.String

Remarks

If multiple accounts are found in the shared token cache and no value is specified, or the specified value matches no accounts in

the cache the SharedTokenCacheCredential will not be used for authentication.

SharedTokenCacheUsername

Specifies the preferred authentication account to be retrieved from the shared token cache for single sign on authentication with development tools. In the case multiple accounts are found in the shared token.

Declaration

public string SharedTokenCacheUsername { get; set; }

Property Value

System.String

Remarks

If multiple accounts are found in the shared token cache and no value is specified, or the specified value matches no accounts in

the cache the SharedTokenCacheCredential will not be used for authentication.

TenantId

The ID of the tenant to which the credential will authenticate by default. If not specified, the credential will authenticate to any requested tenant, and will default to the tenant to which the chosen authentication method was originally authenticated.

Declaration

public string TenantId { get; set; }

Property Value

System.String

VisualStudioCodeTenantId

The tenant ID of the user to authenticate, in the case the DefaultAzureCredential authenticates through, the VisualStudioCodeCredential. The default is null and will authenticate users to their default tenant. The value can also be set by setting the environment variable AZURE_TENANT_ID.

Declaration

[System.ComponentModel.EditorBrowsable]
public string VisualStudioCodeTenantId { get; set; }

Property Value

System.String

VisualStudioTenantId

The tenant id of the user to authenticate, in the case the DefaultAzureCredential authenticates through, the VisualStudioCredential. The default is null and will authenticate users to their default tenant. The value can also be set by setting the environment variable AZURE_TENANT_ID.

Declaration

[System.ComponentModel.EditorBrowsable]
public string VisualStudioTenantId { get; set; }

Property Value

System.String

WorkloadIdentityClientId

Specifies the client id of the application the workload identity will authenticate.

Declaration

public string WorkloadIdentityClientId { get; set; }

Property Value

System.String