Class ClientSecretCredentialBuilder
- All Implemented Interfaces:
com.azure.core.client.traits.HttpTrait<ClientSecretCredentialBuilder>
ClientSecretCredential
.
The ClientSecretCredential
acquires a token via service principal authentication. It is a type of
authentication in Azure that enables a non-interactive login to
Azure Active Directory (Azure AD)
, allowing an application or service to authenticate itself with Azure resources.
A Service Principal is essentially an identity created for an application in Azure AD that can be used to
authenticate with Azure resources. It's like a "user identity" for the application or service, and it provides
a way for the application to authenticate itself with Azure resources without needing to use a user's credentials.
Azure Active Directory
(Azure AD) allows users to register service principals which can be used as an identity for authentication.
A client secret associated with the registered service principal is used as the password when authenticating the
service principal.
The ClientSecretCredential
acquires an access token with a client secret for a service principal/registered
AAD application. The tenantId, clientId and clientSecret of the service principal are required for this credential
to acquire an access token. It can be used both in Azure hosted and local development environments for
authentication. For more information refer to the
conceptual knowledge and configuration
details.
Sample: Construct a simple ClientSecretCredential
The following code sample demonstrates the creation of a ClientSecretCredential
,
using the ClientSecretCredentialBuilder
to configure it. The tenantId
,
clientId
and clientSecret
parameters are required to create
ClientSecretCredential
.Once this credential is created, it may be passed into the
builder of many of the Azure SDK for Java client builders as the 'credential' parameter.
TokenCredential clientSecretCredential = new ClientSecretCredentialBuilder() .tenantId(tenantId) .clientId(clientId) .clientSecret(clientSecret) .build();
Sample: Construct a ClientSecretCredential behind a proxy
The following code sample demonstrates the creation of a ClientSecretCredential
,
using the ClientSecretCredentialBuilder
to configure it. The tenantId
,
clientId
and clientSecret
parameters are required to create
ClientSecretCredential
. The proxyOptions
can be optionally configured to target
a proxy. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java
client builders as the 'credential' parameter.
TokenCredential secretCredential = new ClientSecretCredentialBuilder() .tenantId(tenantId) .clientId(clientId) .clientSecret(clientSecret) .proxyOptions(new ProxyOptions(Type.HTTP, new InetSocketAddress("10.21.32.43", 5465))) .build();
- See Also:
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionbuild()
Creates a newClientCertificateCredential
with the current configurations.clientSecret
(String clientSecret) Sets the client secret for the authentication.tokenCachePersistenceOptions
(TokenCachePersistenceOptions tokenCachePersistenceOptions) Configures the persistent shared token cache options and enables the persistent token cache which is disabled by default.Methods inherited from class com.azure.identity.AadCredentialBuilderBase
additionallyAllowedTenants, additionallyAllowedTenants, authorityHost, clientId, disableInstanceDiscovery, executorService, tenantId
Methods inherited from class com.azure.identity.CredentialBuilderBase
addPolicy, clientOptions, configuration, enableAccountIdentifierLogging, httpClient, httpLogOptions, httpPipeline, maxRetry, pipeline, proxyOptions, retryOptions, retryPolicy, retryTimeout
-
Constructor Details
-
ClientSecretCredentialBuilder
public ClientSecretCredentialBuilder()
-
-
Method Details
-
clientSecret
Sets the client secret for the authentication.- Parameters:
clientSecret
- the secret value of the AAD application.- Returns:
- An updated instance of this builder.
-
tokenCachePersistenceOptions
public ClientSecretCredentialBuilder tokenCachePersistenceOptions(TokenCachePersistenceOptions tokenCachePersistenceOptions) Configures the persistent shared token cache options and enables the persistent token cache which is disabled by default. If configured, the credential will store tokens in a cache persisted to the machine, protected to the current user, which can be shared by other credentials and processes.- Parameters:
tokenCachePersistenceOptions
- the token cache configuration options- Returns:
- An updated instance of this builder with the token cache options configured.
-
build
Creates a newClientCertificateCredential
with the current configurations.- Returns:
- a
ClientSecretCredentialBuilder
with the current configurations.
-