Microsoft.Identity.Client.AbstractApplicationBuilder<T>
public abstract class AbstractApplicationBuilder<T> : BaseAbstractApplicationBuilder<T> where T : BaseAbstractApplicationBuilder<T>
Adds a known Authority corresponding to an ADFS server. See https://aka.ms/msal-net-adfs
Adds a known authority to the application. See Application configuration options.
This constructor is mainly used for scenarios where the authority is not a standard Azure AD authority,
nor an ADFS authority, nor an Azure AD B2C authority. For Azure AD, even in sovereign clouds, prefer
using other overrides such as WithAuthority
Adds a known Azure AD authority to the application to sign-in users specifying
the full authority URI. See Application configuration options.
Adds a known Azure AD authority to the application to sign-in users from a single
organization (single-tenant application) specified by its tenant ID. See Application configuration options.
Adds a known Azure AD authority to the application to sign-in users from a single
organization (single-tenant application) described by its domain name. See https://aka.ms/msal-net-application-configuration.
public T WithAuthority(AzureCloudInstance azureCloudInstance, Guid tenantId, bool validateAuthority = true)
Adds a known Azure AD authority to the application to sign-in users from a single
organization (single tenant application) described by its cloud instance and its tenant ID.
See https://aka.ms/msal-net-application-configuration.
public T WithAuthority(AzureCloudInstance azureCloudInstance, string tenant, bool validateAuthority = true)
Adds a known Azure AD authority to the application to sign-in users from a single
organization (single-tenant application) described by its cloud instance and its domain
name or tenant ID. See https://aka.ms/msal-net-application-configuration.
public T WithAuthority(AzureCloudInstance azureCloudInstance, AadAuthorityAudience authorityAudience, bool validateAuthority = true)
Adds a known Azure AD authority to the application to sign-in users specifying
the cloud instance and the sign-in audience. See https://aka.ms/msal-net-application-configuration.
Adds a known Azure AD authority to the application to sign-in users specifying
the sign-in audience (the cloud being the Azure public cloud). See https://aka.ms/msal-net-application-configuration.
Adds a known authority corresponding to an Azure AD B2C policy.
See https://aka.ms/msal-net-b2c-specificities
Options for MSAL token caches.
MSAL maintains a token cache internally in memory. By default, this cache object is part of each instance of PublicClientApplication or ConfidentialClientApplication.
This method allows customization of the in-memory token cache of MSAL.
MSAL's memory cache is different than token cache serialization. Cache serialization pulls the tokens from a cache (e.g. Redis, Cosmos, or a file on disk),
where they are stored in JSON format, into MSAL's internal memory cache. Memory cache operations do not involve JSON operations.
External cache serialization remains the recommended way to handle desktop apps, web site and web APIs, as it provides persistence. These options
do not currently control external cache serialization.
Detailed guidance for each application type and platform:
https://aka.ms/msal-net-token-cache-serialization
Microsoft Identity specific OIDC extension that allows resource challenges to be resolved without interaction.
Allows configuration of one or more client capabilities, e.g. "llt"
Sets the Client ID of the application
Sets Extra Query Parameters for the query string in the HTTP authentication request
Sets Extra Query Parameters for the query string in the HTTP authentication request
public T WithExtraQueryParameters(IDictionary<string, ValueTuple<string, bool>> extraQueryParameters)
Sets Extra Query Parameters for the query string in the HTTP authentication request with control over which parameters are included in the cache key
Allows developers to configure their own valid authorities. A json string similar to https://aka.ms/aad-instance-discovery should be provided.
MSAL uses this information to:
Call REST APIs on the environment specified in the preferred_networkIdentify an environment under which to save tokens and accounts in the cacheUse the environment aliases to match tokens issued to other authorities
For more details see https://aka.ms/msal-net-custom-instance-metadata
Lets an organization setup their own service to handle instance discovery, which enables better caching for microservice/service environments.
A Uri that returns a response similar to https://aka.ms/aad-instance-discovery should be provided. MSAL uses this information to:
Call REST APIs on the environment specified in the preferred_networkIdentify an environment under which to save tokens and accounts in the cacheUse the environment aliases to match tokens issued to other authorities
For more details see https://aka.ms/msal-net-custom-instance-metadata
Determines whether or not instance discovery is performed when attempting to authenticate. Setting this to false will completely disable
instance discovery and authority validation. This will not affect the behavior of application configured with regional endpoints however.
Allows developers to configure their own valid authorities. A json string similar to https://aka.ms/aad-instance-discovery should be provided.
MSAL uses this information to:
Call REST APIs on the environment specified in the preferred_networkIdentify an environment under which to save tokens and accounts in the cacheUse the environment aliases to match tokens issued to other authorities
For more details see https://aka.ms/msal-net-custom-instance-metadata
Lets an organization setup their own service to handle instance discovery, which enables better caching for microservice/service environments.
A Uri that returns a response similar to https://aka.ms/aad-instance-discovery should be provided. MSAL uses this information to:
Call REST APIs on the environment specified in the preferred_networkIdentify an environment under which to save tokens and accounts in the cacheUse the environment aliases to match tokens issued to other authorities
For more details see https://aka.ms/msal-net-custom-instance-metadata
Enables legacy ADAL cache serialization and deserialization.
Sets application options, which can, for instance have been read from configuration files.
See https://aka.ms/msal-net-application-configuration.
Sets the redirect URI of the application. The URI must also be registered in the application portal.
See https://aka.ms/msal-net-application-configuration
Generate telemetry aggregation events.
Sets the tenant ID of the organization from which the application will let
users sign-in. This is classically a GUID or a domain name. See https://aka.ms/msal-net-application-configuration.
Although it is also possible to set tenantId to common,
organizations, and consumers, it's recommended to use one of the
overrides of WithAuthority.