Package com.azure.identity
Class DefaultAzureCredentialBuilder
java.lang.Object
com.azure.identity.CredentialBuilderBase<DefaultAzureCredentialBuilder>
com.azure.identity.DefaultAzureCredentialBuilder
public class DefaultAzureCredentialBuilder
extends CredentialBuilderBase<DefaultAzureCredentialBuilder>
Fluent credential builder for instantiating a
DefaultAzureCredential
.- See Also:
-
Constructor Summary
ConstructorDescriptionCreates an instance of a DefaultAzureCredentialBuilder. -
Method Summary
Modifier and TypeMethodDescriptionadditionallyAllowedTenants
(String... additionallyAllowedTenants) For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens.additionallyAllowedTenants
(List<String> additionallyAllowedTenants) For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens.authorityHost
(String authorityHost) Specifies the Azure Active Directory endpoint to acquire tokens.build()
Creates newDefaultAzureCredential
with the configured options set.executorService
(ExecutorService executorService) Specifies the ExecutorService to be used to execute the authentication requests.intelliJKeePassDatabasePath
(String databasePath) Specifies the KeePass database path to read the cached credentials of Azure toolkit for IntelliJ plugin.managedIdentityClientId
(String clientId) Specifies the client ID of user assigned or system assigned identity, when this credential is running in an environment with managed identities.managedIdentityResourceId
(String resourceId) Specifies the resource ID of user assigned or system assigned identity, when this credential is running in an environment with managed identities.Sets the tenant id of the user to authenticate through theDefaultAzureCredential
.Methods inherited from class com.azure.identity.CredentialBuilderBase
configuration, enableAccountIdentifierLogging, httpClient, httpPipeline, maxRetry, proxyOptions, retryTimeout
-
Constructor Details
-
DefaultAzureCredentialBuilder
public DefaultAzureCredentialBuilder()Creates an instance of a DefaultAzureCredentialBuilder.
-
-
Method Details
-
tenantId
Sets the tenant id of the user to authenticate through theDefaultAzureCredential
. If unset, the value in the AZURE_TENANT_ID environment variable will be used. If neither is set, the default is null and will authenticate users to their default tenant.- Parameters:
tenantId
- the tenant ID to set.- Returns:
- An updated instance of this builder with the tenant id set as specified.
-
authorityHost
Specifies the Azure Active Directory endpoint to acquire tokens.- Parameters:
authorityHost
- the Azure Active Directory endpoint- Returns:
- An updated instance of this builder with the authority host set as specified.
-
intelliJKeePassDatabasePath
Specifies the KeePass database path to read the cached credentials of Azure toolkit for IntelliJ plugin. ThedatabasePath
is required on Windows platform. For macOS and Linux platform native key chain / key ring will be accessed respectively to retrieve the cached credentials.This path can be located in the IntelliJ IDE. Windows: File -> Settings -> Appearance & Behavior -> System Settings -> Passwords.
- Parameters:
databasePath
- the path to the KeePass database.- Returns:
- An updated instance of this builder with the KeePass database path set as specified.
- Throws:
IllegalArgumentException
- ifdatabasePath
is either not specified or is empty.
-
managedIdentityClientId
Specifies the client ID of user assigned or system assigned identity, when this credential is running in an environment with managed identities. If unset, the value in the AZURE_CLIENT_ID environment variable will be used. If neither is set, the default value is null and will only work with system assigned managed identities and not user assigned managed identities. Only one of managedIdentityClientId and managedIdentityResourceId can be specified.- Parameters:
clientId
- the client ID- Returns:
- the DefaultAzureCredentialBuilder itself
-
managedIdentityResourceId
Specifies the resource ID of user assigned or system assigned identity, when this credential is running in an environment with managed identities. If unset, the value in the AZURE_CLIENT_ID environment variable will be used. If neither is set, the default value is null and will only work with system assigned managed identities and not user assigned managed identities. Only one of managedIdentityResourceId and managedIdentityClientId can be specified.- Parameters:
resourceId
- the resource ID- Returns:
- the DefaultAzureCredentialBuilder itself
-
executorService
Specifies the ExecutorService to be used to execute the authentication requests. Developer is responsible for maintaining the lifecycle of the ExecutorService.If this is not configured, the
ForkJoinPool.commonPool()
will be used which is also shared with other application tasks. If the common pool is heavily used for other tasks, authentication requests might starve and setting up this executor service should be considered.The executor service and can be safely shutdown if the TokenCredential is no longer being used by the Azure SDK clients and should be shutdown before the application exits.
- Parameters:
executorService
- the executor service to use for executing authentication requests.- Returns:
- An updated instance of this builder with the executor service set as specified.
-
additionallyAllowedTenants
public DefaultAzureCredentialBuilder additionallyAllowedTenants(String... additionallyAllowedTenants) For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application is installed.- Parameters:
additionallyAllowedTenants
- the additionally allowed tenants.- Returns:
- An updated instance of this builder with the tenant id set as specified.
-
additionallyAllowedTenants
public DefaultAzureCredentialBuilder additionallyAllowedTenants(List<String> additionallyAllowedTenants) For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application is installed.- Parameters:
additionallyAllowedTenants
- the additionally allowed tenants.- Returns:
- An updated instance of this builder with the tenant id set as specified.
-
build
Creates newDefaultAzureCredential
with the configured options set.- Returns:
- a
DefaultAzureCredential
with the current configurations. - Throws:
IllegalStateException
- if clientId and resourceId are both set.
-