Package com.azure.identity

Class ClientSecretCredentialBuilder

java.lang.Object

com.azure.identity.CredentialBuilderBase<T>

com.azure.identity.AadCredentialBuilderBase<ClientSecretCredentialBuilder>

com.azure.identity.ClientSecretCredentialBuilder

All Implemented Interfaces:

com.azure.core.client.traits.HttpTrait<ClientSecretCredentialBuilder>

public class ClientSecretCredentialBuilder
extends AadCredentialBuilderBase<ClientSecretCredentialBuilder>

Fluent credential builder for instantiating a ClientSecretCredential.

The ClientSecretCredential acquires a token via service principal authentication. It is a type of authentication in Azure that enables a non-interactive login to Microsoft Entra ID, allowing an application or service to authenticate itself with Azure resources. A Service Principal is essentially an identity created for an application in Microsoft Entra ID that can be used to authenticate with Azure resources. It's like a "user identity" for the application or service, and it provides a way for the application to authenticate itself with Azure resources without needing to use a user's credentials. Microsoft Entra ID allows users to register service principals which can be used as an identity for authentication. A client secret associated with the registered service principal is used as the password when authenticating the service principal. The ClientSecretCredential acquires an access token with a client secret for a service principal/registered Microsoft Entra application. The tenantId, clientId and clientSecret of the service principal are required for this credential to acquire an access token. It can be used both in Azure hosted and local development environments for authentication. For more information refer to the conceptual knowledge and configuration details.

Sample: Construct a simple ClientSecretCredential

The following code sample demonstrates the creation of a ClientSecretCredential, using the ClientSecretCredentialBuilder to configure it. The tenantId, clientId and clientSecret parameters are required to create ClientSecretCredential .Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.

 TokenCredential clientSecretCredential = new ClientSecretCredentialBuilder()
     .tenantId(tenantId)
     .clientId(clientId)
     .clientSecret(clientSecret)
     .build();
 

Sample: Construct a ClientSecretCredential behind a proxy

The following code sample demonstrates the creation of a ClientSecretCredential, using the ClientSecretCredentialBuilder to configure it. The tenantId, clientId and clientSecret parameters are required to create ClientSecretCredential. The proxyOptions can be optionally configured to target a proxy. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.

 TokenCredential secretCredential = new ClientSecretCredentialBuilder()
     .tenantId(tenantId)
     .clientId(clientId)
     .clientSecret(clientSecret)
     .proxyOptions(new ProxyOptions(Type.HTTP, new InetSocketAddress("10.21.32.43", 5465)))
     .build();
 

See Also:

• ClientSecretCredential

Constructor Summary

Constructors

Constructor	Description
ClientSecretCredentialBuilder()	Constructs an instance of ClientSecretCredentialBuilder.

Method Summary

Modifier and Type	Method	Description
ClientSecretCredential	build()	Creates a new ClientCertificateCredential with the current configurations.
ClientSecretCredentialBuilder	clientSecret(String clientSecret)	Sets the client secret for the authentication.
ClientSecretCredentialBuilder	tokenCachePersistenceOptions(TokenCachePersistenceOptions tokenCachePersistenceOptions)	Configures the persistent shared token cache options and enables the persistent token cache which is disabled by default.

Methods inherited from class com.azure.identity.AadCredentialBuilderBase

additionallyAllowedTenants, additionallyAllowedTenants, authorityHost, clientId, disableInstanceDiscovery, enableUnsafeSupportLogging, executorService, tenantId

Methods inherited from class com.azure.identity.CredentialBuilderBase

addPolicy, clientOptions, configuration, enableAccountIdentifierLogging, httpClient, httpLogOptions, httpPipeline, maxRetry, pipeline, proxyOptions, retryOptions, retryPolicy, retryTimeout

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ClientSecretCredentialBuilder

public ClientSecretCredentialBuilder()

Constructs an instance of ClientSecretCredentialBuilder.

Method Details

clientSecret

public ClientSecretCredentialBuilder clientSecret(String clientSecret)

Sets the client secret for the authentication.

Parameters:

clientSecret - the secret value of the Microsoft Entra application.

Returns:

An updated instance of this builder.

tokenCachePersistenceOptions

public ClientSecretCredentialBuilder tokenCachePersistenceOptions(TokenCachePersistenceOptions tokenCachePersistenceOptions)

Configures the persistent shared token cache options and enables the persistent token cache which is disabled by default. If configured, the credential will store tokens in a cache persisted to the machine, protected to the current user, which can be shared by other credentials and processes.

Parameters:

tokenCachePersistenceOptions - the token cache configuration options

Returns:

An updated instance of this builder with the token cache options configured.

build

public ClientSecretCredential build()

Creates a new ClientCertificateCredential with the current configurations.

Returns:

a ClientSecretCredentialBuilder with the current configurations.