Class InteractiveBrowserCredentialBuilder

All Implemented Interfaces:
com.azure.core.client.traits.HttpTrait<InteractiveBrowserCredentialBuilder>

public class InteractiveBrowserCredentialBuilder extends AadCredentialBuilderBase<InteractiveBrowserCredentialBuilder>
Fluent credential builder for instantiating a InteractiveBrowserCredential.

Interactive browser authentication is a type of authentication flow offered by Microsoft Entra ID that enables users to sign in to applications and services using a web browser. This authentication method is commonly used for web applications, where users enter their credentials directly into a web page. With interactive browser authentication, the user navigates to a web application and is prompted to enter their username and password credentials. The application then redirects the user to the Microsoft Entra ID sign-in page, where they are prompted to enter their credentials again. After the user successfully authenticates, Microsoft Entra ID issues a security token that the application can use to authorize the user's access to its resources. The InteractiveBrowserCredential interactively authenticates a user and acquires a token with the default system browser and offers a smooth authentication experience by letting a user use their own credentials to authenticate the application. When authenticated, the oauth2 flow notifies the credential of the authentication code through the reply URL. For more information refer to the conceptual knowledge and configuration details.

Sample: Construct InteractiveBrowserCredential

The following code sample demonstrates the creation of a InteractiveBrowserCredential, using the InteractiveBrowserCredentialBuilder to configure it. By default, the credential targets a localhost redirect URL, to override that behaviour a redirectUrl(String) can be optionally specified. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.

 TokenCredential interactiveBrowserCredential = new InteractiveBrowserCredentialBuilder()
     .redirectUrl("http://localhost:8765")
     .build();
 
See Also:
  • Constructor Details

    • InteractiveBrowserCredentialBuilder

      public InteractiveBrowserCredentialBuilder()
      Constructs an instance of InteractiveBrowserCredentialBuilder.
  • Method Details

    • port

      Deprecated.
      Configure the redirect URL as http://localhost:{port} via redirectUrl(String) instead.
      Sets the port for the local HTTP server, for which http://localhost:{port} must be registered as a valid reply URL on the application.
      Parameters:
      port - the port on which the credential will listen for the browser authentication result
      Returns:
      the InteractiveBrowserCredentialBuilder itself
    • authenticationRecord

      public InteractiveBrowserCredentialBuilder authenticationRecord(AuthenticationRecord authenticationRecord)
      Sets the AuthenticationRecord captured from a previous authentication.
      Parameters:
      authenticationRecord - The Authentication record to be configured.
      Returns:
      An updated instance of this builder with the configured authentication record.
    • tokenCachePersistenceOptions

      public InteractiveBrowserCredentialBuilder tokenCachePersistenceOptions(TokenCachePersistenceOptions tokenCachePersistenceOptions)
      Configures the persistent shared token cache options and enables the persistent token cache which is disabled by default. If configured, the credential will store tokens in a cache persisted to the machine, protected to the current user, which can be shared by other credentials and processes.
      Parameters:
      tokenCachePersistenceOptions - the token cache configuration options
      Returns:
      An updated instance of this builder with the token cache options configured.
    • redirectUrl

      public InteractiveBrowserCredentialBuilder redirectUrl(String redirectUrl)
      Sets the Redirect URL where STS will callback the application with the security code. It is required if a custom client id is specified via AadCredentialBuilderBase.clientId(String) and must match the redirect URL specified during the application registration.
      Parameters:
      redirectUrl - the redirect URL to listen on and receive security code.
      Returns:
      An updated instance of this builder with the configured redirect URL.
    • disableAutomaticAuthentication

      public InteractiveBrowserCredentialBuilder disableAutomaticAuthentication()
      Disables the automatic authentication and prevents the InteractiveBrowserCredential from automatically prompting the user. If automatic authentication is disabled a AuthenticationRequiredException will be thrown from InteractiveBrowserCredential.getToken(TokenRequestContext) in the case that user interaction is necessary. The application is responsible for handling this exception, and calling InteractiveBrowserCredential.authenticate() or InteractiveBrowserCredential.authenticate(TokenRequestContext) to authenticate the user interactively.
      Returns:
      An updated instance of this builder with automatic authentication disabled.
    • loginHint

      public InteractiveBrowserCredentialBuilder loginHint(String loginHint)
      Sets the username suggestion to pre-fill the login page's username/email address field. A user may still log in with a different username.
      Parameters:
      loginHint - the username suggestion to pre-fill the login page's username/email address field.
      Returns:
      An updated instance of this builder with login hint configured.
    • additionallyAllowedTenants

      public InteractiveBrowserCredentialBuilder additionallyAllowedTenants(String... additionallyAllowedTenants)
      For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant on which the application is installed. If no value is specified for TenantId this option will have no effect, and the credential will acquire tokens for any requested tenant.
      Overrides:
      additionallyAllowedTenants in class AadCredentialBuilderBase<InteractiveBrowserCredentialBuilder>
      Parameters:
      additionallyAllowedTenants - the additionally allowed tenants.
      Returns:
      An updated instance of this builder with the additional tenants configured.
    • additionallyAllowedTenants

      public InteractiveBrowserCredentialBuilder additionallyAllowedTenants(List<String> additionallyAllowedTenants)
      For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant on which the application is installed. If no value is specified for TenantId this option will have no effect, and the credential will acquire tokens for any requested tenant.
      Overrides:
      additionallyAllowedTenants in class AadCredentialBuilderBase<InteractiveBrowserCredentialBuilder>
      Parameters:
      additionallyAllowedTenants - the additionally allowed tenants.
      Returns:
      An updated instance of this builder with the additional tenants configured.
    • browserCustomizationOptions

      public InteractiveBrowserCredentialBuilder browserCustomizationOptions(BrowserCustomizationOptions browserCustomizationOptions)
      Configures the options for customizing the browser for interactive authentication.
      Parameters:
      browserCustomizationOptions - the browser customization options
      Returns:
      An updated instance of this builder with the browser customization options configured.
    • build

      Creates a new InteractiveBrowserCredential with the current configurations.
      Returns:
      a InteractiveBrowserCredential with the current configurations.