Package com.azure.identity

Class AzureCliCredential

java.lang.Object
com.azure.identity.AzureCliCredential
All Implemented Interfaces:
com.azure.core.credential.TokenCredential
public class AzureCliCredential extends Object implements com.azure.core.credential.TokenCredential

The Azure CLI is a command-line tool that allows users to manage Azure resources from their local machine or terminal. It allows users to authenticate interactively as a user and/or a service principal against Microsoft Entra ID. The AzureCliCredential authenticates in a development environment and acquires a token on behalf of the logged-in user or service principal in Azure CLI. It acts as the Azure CLI logged in user or service principal and executes an Azure CLI command underneath to authenticate the application against Microsoft Entra ID.

Configure AzureCliCredential

To use this credential, the developer needs to authenticate locally in Azure CLI using one of the commands below:

  1. Run "az login" in Azure CLI to authenticate as a user.
  2. Run "az login --service-principal --username {client ID} --password {client secret} --tenant {tenant ID}" to authenticate as a service principal.

You may need to repeat this process after a certain time period, depending on the refresh token validity in your organization. Generally, the refresh token validity period is a few weeks to a few months. AzureCliCredential will prompt you to sign in again.

Sample: Construct AzureCliCredential

The following code sample demonstrates the creation of a AzureCliCredential, using the AzureCliCredentialBuilder to configure it. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.

 TokenCredential azureCliCredential = new AzureCliCredentialBuilder()
     .build();
See Also:

  • Method Summary

    Modifier and Type
    Method
    Description
    Mono<com.azure.core.credential.AccessToken>
    getToken(com.azure.core.credential.TokenRequestContext request)
    Asynchronously get a token for a given resource/audience.
    com.azure.core.credential.AccessToken
    getTokenSync(com.azure.core.credential.TokenRequestContext request)
    Synchronously get a token for a given resource/audience.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Method Details

    • getToken

      public Mono<com.azure.core.credential.AccessToken> getToken(com.azure.core.credential.TokenRequestContext request)
      Description copied from interface: com.azure.core.credential.TokenCredential
      Asynchronously get a token for a given resource/audience. This method is called automatically by Azure SDK client libraries. You may call this method directly, but you must also handle token caching and token refreshing.
      Specified by:
      getToken in interface com.azure.core.credential.TokenCredential
      Parameters:
      request - the details of the token request
      Returns:
      a Publisher that emits a single access token

    • getTokenSync

      public com.azure.core.credential.AccessToken getTokenSync(com.azure.core.credential.TokenRequestContext request)
      Description copied from interface: com.azure.core.credential.TokenCredential
      Synchronously get a token for a given resource/audience. This method is called automatically by Azure SDK client libraries. You may call this method directly, but you must also handle token caching and token refreshing.
      Specified by:
      getTokenSync in interface com.azure.core.credential.TokenCredential
      Parameters:
      request - the details of the token request
      Returns:
      The Access Token