AuthenticationFailedException An exception class raised for errors in authenticating client requests.

 AuthenticationRecord Account information relating to an authentication request.

 AuthenticationRequiredException An exception indicating that interactive authentication is required.

 AuthorizationCodeCredential Authenticates by redeeming an authorization code previously obtained from Microsoft Entra ID. See for more information about the authorization code authentication flow.

 AuthorizationCodeCredentialOptions Options used to configure the .

 AzureCliCredential Enables authentication to Microsoft Entra ID using Azure CLI to obtain an access token.

 AzureCliCredentialOptions Options for configuring the .

 AzureDeveloperCliCredential Enables authentication to Microsoft Entra ID using Azure Developer CLI to obtain an access token.

 AzureDeveloperCliCredentialOptions Options for configuring the .

 AzurePipelinesCredential Credential which authenticates using an Azure Pipelines service connection. For usage instructions, see Authenticating in Azure Pipelines with service connections.

 AzurePipelinesCredentialOptions Options used to configure the .

 AzurePowerShellCredential Enables authentication to Microsoft Entra ID using Azure PowerShell to obtain an access token.

 AzurePowerShellCredentialOptions Options for configuring the .

 BrowserCustomizationOptions Options to customize browser view.

 ChainedTokenCredential Provides a implementation which chains multiple implementations to be tried in order until one of the GetToken methods returns a non-default . For more information, see ChainedTokenCredential overview.

 ClientAssertionCredential Enables authentication of a Microsoft Entra service principal using a signed client assertion.

 ClientAssertionCredentialOptions Options used to configure the .

 ClientCertificateCredential Enables authentication of a service principal to Microsoft Entra ID using a X509 certificate that is assigned to its App Registration. More information on how to configure certificate authentication can be found at .

 ClientCertificateCredentialOptions Options used to configure the .

 ClientSecretCredential Enables authentication to Microsoft Entra ID using a client secret that was generated for an App Registration. More information on how to configure a client secret can be found at .

 ClientSecretCredentialOptions Options used to configure the .

 CredentialUnavailableException An exception indicating a did not attempt to authenticate and retrieve , as its prerequisite information or state was not available.

 DefaultAzureCredential Simplifies authentication while developing apps that deploy to Azure by combining credentials used in Azure hosting environments with credentials used in local development. In production, it's better to use something else. See Usage guidance for DefaultAzureCredential. Attempts to authenticate with each of these credentials, in the following order, stopping when one provides a token: (enabled by default for SSO with VS Code on supported platforms when Azure.Identity.Broker is installed)BrokerCredential (a broker-enabled instance of that requires Azure.Identity.Broker is installed) Consult the documentation of these credentials for more information on how they attempt authentication.

 DefaultAzureCredentialOptions Options to configure the authentication flow and requests made to Azure Identity services.

 DeviceCodeCredential A implementation which authenticates a user using the device code flow, and provides access tokens for that user account. For more information on the device code authentication flow see https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/Device-Code-Flow.

 DeviceCodeCredentialOptions Options to configure the .

 EnvironmentCredential Enables authentication to Microsoft Entra ID using a client secret or certificate. Configuration is attempted in this order, using these environment variables: Service principal with secret:VariableDescriptionAZURE_TENANT_IDThe Microsoft Entra tenant (directory) ID.AZURE_CLIENT_IDThe client (application) ID of an App Registration in the tenant.AZURE_CLIENT_SECRETA client secret that was generated for the App Registration.Service principal with certificate:VariableDescriptionAZURE_TENANT_IDThe Microsoft Entra tenant (directory) ID.AZURE_CLIENT_IDThe client (application) ID of an App Registration in the tenant.AZURE_CLIENT_CERTIFICATE_PATHPath to the client certificate and the private key. The path must be to either a "pfx"- or "pem"-encoded certificate on disk, or a certificate in the platform certificate store by thumbprint. For example: c:\data\certificate.pfx/etc/app/cert.pemcert:/CurrentUser/My/E661583E8FABEF4C0BEF694CBC41C28FB81CD870AZURE_CLIENT_CERTIFICATE_PASSWORD(Optional) The password protecting the certificate file (currently only supported for PFX (PKCS12) certificates).AZURE_CLIENT_SEND_CERTIFICATE_CHAIN(Optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to `true` or `1`, authentication requests include the x5c header.Username and password:VariableDescriptionAZURE_TENANT_IDThe Microsoft Entra tenant (directory) ID.AZURE_CLIENT_IDThe client (application) ID of an App Registration in the tenant. This credential ultimately uses a or to perform the authentication using these details. Please consult the documentation of those classes for more details.

 EnvironmentCredentialOptions Options used to configure the .

 InteractiveBrowserCredential A implementation which launches the system default browser to interactively authenticate a user and obtain an access token. The browser will only be launched to authenticate the user once, then will silently acquire access tokens through the user's refresh token as long as it's valid. For usage instructions, see Interactive browser authentication.

 InteractiveBrowserCredentialOptions Options to configure the .

 ManagedIdentityCredential Attempts authentication using a managed identity that has been assigned to the deployment environment. This authentication type works for all Azure-hosted environments that support managed identity. For end-to-end guidance, see user-assigned managed identity or system-assigned managed identity.

 ManagedIdentityCredentialOptions Options used to configure the .

 ManagedIdentityId Defines the configuration for a managed identity enabled on a resource.

 OnBehalfOfCredential Enables authentication to Microsoft Entra ID using an On-Behalf-Of flow.

 OnBehalfOfCredentialOptions

 SharedTokenCacheCredential Authenticates using tokens in a local cache file. This is a legacy mechanism for authenticating clients using credentials provided to Visual Studio. This mechanism for Visual Studio authentication has been replaced by the .

 SharedTokenCacheCredentialOptions Options to configure the authentication.

 TokenCachePersistenceOptions Options controlling the storage of the token cache.

 TokenCacheRefreshArgs Args sent to TokenCache OnBefore and OnAfter events.

 TokenCacheUpdatedArgs Data regarding an update of a token cache.

 TokenCredentialDiagnosticsOptions Exposes client options related to logging, telemetry, and distributed tracing.

 TokenCredentialOptions Options to configure requests made to the OAUTH identity service.

 UsernamePasswordCredential Enables authentication to Microsoft Entra ID using a user's username and password. If the user has MFA enabled this credential will fail to get a token throwing an . Also, this credential requires a high degree of trust and is not recommended outside of prototyping when more secure credentials can be used.

 UsernamePasswordCredentialOptions Options to configure the .

 VisualStudioCodeCredential Enables authentication to Microsoft Entra ID as the user signed in to Visual Studio Code via the broker.

 VisualStudioCodeCredentialOptions Options for configuring the .

 VisualStudioCredential Enables authentication to Microsoft Entra ID using data from Visual Studio 2017 or later. See for more information on how to configure Visual Studio for Azure development.

 VisualStudioCredentialOptions Options for configuring the .

 WorkloadIdentityCredential WorkloadIdentityCredential supports Microsoft Entra Workload ID authentication on Kubernetes and other hosts supporting workload identity. Refer to Microsoft Entra Workload ID for more information.

 WorkloadIdentityCredentialOptions Options used to configure the .

 DeviceCodeInfo Details of the device code to present to a user to allow them to authenticate through the device code authentication flow.

 TokenCacheData Details related to a cache delegate.

 AzureAuthorityHosts Defines fields exposing the well known authority hosts for the Azure Public Cloud and sovereign clouds.

 ConfigurationExtensions Provides extension methods for interface.

 IdentityModelFactory Model factory that enables mocking for the Azure Identity library.

 UnsafeTokenCacheOptions Options controlling the storage of the token cache.