Package version:

Class OnBehalfOfCredential

Enables authentication to Microsoft Entra ID using the On Behalf Of flow.

Implements

TokenCredential

Index

Constructors

constructor

Methods

getToken

Constructors

constructor

new OnBehalfOfCredential(options): OnBehalfOfCredential
Creates an instance of the OnBehalfOfCredential with the details needed to authenticate against Microsoft Entra ID with path to a PEM certificate, and an user assertion.

Example using the KeyClient from @azure/keyvault-keys:
```
import { OnBehalfOfCredential } from "@azure/identity";
import { KeyClient } from "@azure/keyvault-keys";

const tokenCredential = new OnBehalfOfCredential({
  tenantId: "tenant-id",
  clientId: "client-id",
  certificatePath: "/path/to/certificate.pem",
  userAssertionToken: "access-token",
});
const client = new KeyClient("vault-url", tokenCredential);

await client.getKey("key-name");
```
Parameters
- options: OnBehalfOfCredentialCertificateOptions & MultiTenantTokenCredentialOptions & CredentialPersistenceOptions
  Optional parameters, generally common across credentials.
Returns OnBehalfOfCredential
- Defined in credentials/onBehalfOfCredential.ts:69
new OnBehalfOfCredential(options): OnBehalfOfCredential
Creates an instance of the OnBehalfOfCredential with the details needed to authenticate against Microsoft Entra ID with a client secret and an user assertion.

Example using the KeyClient from @azure/keyvault-keys:
```
import { OnBehalfOfCredential } from "@azure/identity";
import { KeyClient } from "@azure/keyvault-keys";

const tokenCredential = new OnBehalfOfCredential({
  tenantId: "tenant-id",
  clientId: "client-id",
  clientSecret: "client-secret",
  userAssertionToken: "access-token",
});
const client = new KeyClient("vault-url", tokenCredential);

await client.getKey("key-name");
```
Parameters
- options: OnBehalfOfCredentialSecretOptions & MultiTenantTokenCredentialOptions & CredentialPersistenceOptions
  Optional parameters, generally common across credentials.
Returns OnBehalfOfCredential
- Defined in credentials/onBehalfOfCredential.ts:98
new OnBehalfOfCredential(options): OnBehalfOfCredential
Creates an instance of the OnBehalfOfCredential with the details needed to authenticate against Microsoft Entra ID with a client getAssertion and an user assertion.

Example using the KeyClient from @azure/keyvault-keys:
```
import { OnBehalfOfCredential } from "@azure/identity";
import { KeyClient } from "@azure/keyvault-keys";

const tokenCredential = new OnBehalfOfCredential({
  tenantId: "tenant-id",
  clientId: "client-id",
  getAssertion: () => {
    return Promise.resolve("my-jwt");
  },
  userAssertionToken: "access-token",
});
const client = new KeyClient("vault-url", tokenCredential);

await client.getKey("key-name");
```
Parameters
- options: OnBehalfOfCredentialAssertionOptions & MultiTenantTokenCredentialOptions & CredentialPersistenceOptions
  Optional parameters, generally common across credentials.
Returns OnBehalfOfCredential
- Defined in credentials/onBehalfOfCredential.ts:130

Methods

getToken

getToken(scopes, options?): Promise<AccessToken>
Authenticates with Microsoft Entra ID and returns an access token if successful. If authentication fails, a CredentialUnavailableError will be thrown with the details of the failure.
Parameters
- scopes: string | {}
  The list of scopes for which the token will have access.
- options: GetTokenOptions = {}
  The options used to configure the underlying network requests.
Returns Promise<AccessToken>
- Defined in credentials/onBehalfOfCredential.ts:195

Class OnBehalfOfCredential

Implements

Index

Constructors

Methods

Constructors

constructor

Parameters

Returns OnBehalfOfCredential

Parameters

Returns OnBehalfOfCredential

Parameters

Returns OnBehalfOfCredential

Methods

getToken

Parameters

Returns Promise<AccessToken>

Settings