Package com.azure.identity

Class AadCredentialBuilderBase<T extends AadCredentialBuilderBase<T>>

java.lang.Object

com.azure.identity.CredentialBuilderBase<T>

com.azure.identity.AadCredentialBuilderBase<T>

Type Parameters:

T - the type of the credential builder

All Implemented Interfaces:

com.azure.core.client.traits.HttpTrait<T>

Direct Known Subclasses:

AuthorizationCodeCredentialBuilder, ClientAssertionCredentialBuilder, ClientCertificateCredentialBuilder, ClientSecretCredentialBuilder, DeviceCodeCredentialBuilder, InteractiveBrowserCredentialBuilder, OnBehalfOfCredentialBuilder, SharedTokenCacheCredentialBuilder, UsernamePasswordCredentialBuilder, WorkloadIdentityCredentialBuilder

public abstract class AadCredentialBuilderBase<T extends AadCredentialBuilderBase<T>>
extends CredentialBuilderBase<T>

The base class for credential builders that allow specifying a client ID, tenant ID, authority host and additionally allowed tenants for an Azure Active Directory.

Constructor Summary

Constructors

Constructor	Description
AadCredentialBuilderBase()

Method Summary

Modifier and Type	Method	Description
T	additionallyAllowedTenants(String... additionallyAllowedTenants)	For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens.
T	additionallyAllowedTenants(List<String> additionallyAllowedTenants)	For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens.
T	authorityHost(String authorityHost)	Specifies the Azure Active Directory endpoint to acquire tokens.
T	clientId(String clientId)	Sets the client ID of the application.
T	disableInstanceDiscovery()	Disables the setting which determines whether or not instance discovery is performed when attempting to authenticate.
T	executorService(ExecutorService executorService)	Specifies the ExecutorService to be used to execute the authentication requests.
T	tenantId(String tenantId)	Sets the tenant ID of the application.

Methods inherited from class com.azure.identity.CredentialBuilderBase

addPolicy, clientOptions, configuration, enableAccountIdentifierLogging, httpClient, httpLogOptions, httpPipeline, maxRetry, pipeline, proxyOptions, retryOptions, retryPolicy, retryTimeout

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AadCredentialBuilderBase

public AadCredentialBuilderBase()

Method Details

authorityHost

public T authorityHost(String authorityHost)

Specifies the Azure Active Directory endpoint to acquire tokens.

Parameters:

authorityHost - the Azure Active Directory endpoint

Returns:

An updated instance of this builder with the authority host set as specified.

clientId

public T clientId(String clientId)

Sets the client ID of the application.

Parameters:

clientId - the client ID of the application.

Returns:

An updated instance of this builder with the client id set as specified.

tenantId

public T tenantId(String tenantId)

Sets the tenant ID of the application.

Parameters:

tenantId - the tenant ID of the application.

Returns:

An updated instance of this builder with the tenant id set as specified.

executorService

public T executorService(ExecutorService executorService)

Specifies the ExecutorService to be used to execute the authentication requests. Developer is responsible for maintaining the lifecycle of the ExecutorService.

If this is not configured, the common fork join pool will be used which is also shared with other application tasks. If the common pool is heavily used for other tasks, authentication requests might starve and setting up this executor service should be considered.

The executor service and can be safely shutdown if the TokenCredential is no longer being used by the Azure SDK clients and should be shutdown before the application exits.

Parameters:

executorService - the executor service to use for executing authentication requests.

Returns:

An updated instance of this builder with the executor service set as specified.

additionallyAllowedTenants

public T additionallyAllowedTenants(String... additionallyAllowedTenants)

For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant on which the application is installed.

Parameters:

additionallyAllowedTenants - the additionally allowed tenants.

Returns:

An updated instance of this builder with the additional tenants configured.

additionallyAllowedTenants

public T additionallyAllowedTenants(List<String> additionallyAllowedTenants)

For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant on which the application is installed.

Parameters:

additionallyAllowedTenants - the additionally allowed tenants.

Returns:

An updated instance of this builder with the additional tenants configured.

disableInstanceDiscovery

public T disableInstanceDiscovery()

Disables the setting which determines whether or not instance discovery is performed when attempting to authenticate. This will completely disable both instance discovery and authority validation. This functionality is intended for use in scenarios where the metadata endpoint cannot be reached, such as in private clouds or Azure Stack. The process of instance discovery entails retrieving authority metadata from https://login.microsoft.com/ to validate the authority. By utilizing this API, the validation of the authority is disabled. As a result, it is crucial to ensure that the configured authority host is valid and trustworthy.

Returns:

An updated instance of this builder with instance discovery disabled.