Microsoft.Identity.Client.Internal.ClientCredential.CredentialContext

sealed class CredentialContext

Immutable input context passed to GetCredentialMaterialAsync. Consolidates all credential-resolution inputs into a single object, eliminating the direct coupling to OAuth2Client and AuthenticationRequestParameters that existed in the previous API.

public string Authority { get; set; }

Canonical authority URL (e.g., https://login.microsoftonline.com/{tenantId}).

public string Claims { get; set; }

User-provided claims string (may be null).

public string ClientAssertionFmiPath { get; set; }

FMI path used to embed a subject suffix in the client assertion.

public IEnumerable<string> ClientCapabilities { get; set; }

Client capabilities configured on the application.

public string ClientId { get; set; }

Application (client) identifier.

public Guid CorrelationId { get; set; }

Correlation ID for end-to-end request tracing.

public ICryptographyManager CryptographyManager { get; set; }

Platform cryptography manager used for JWT signing.

public string ExtraClientAssertionClaims { get; set; }

Extra claims to embed in the client assertion (request-level override).

public ILoggerAdapter Logger { get; set; }

Logger for credential resolution diagnostics.

public CredentialTransportProtocol Mode { get; set; }

Whether this is a standard (JWT / secret) request or an mTLS-bound request.

public bool SendX5C { get; set; }

Whether the x5c (certificate chain) claim should be included in the assertion.

public string TenantId { get; set; }

Tenant ID from the runtime authority.

public string TokenEndpoint { get; set; }

Full token endpoint URL for the current request.

public bool UseSha2 { get; set; }

Whether to use SHA-2 for certificate-based assertions (authority-driven).

public CredentialContext()