<PackageReference Include="Microsoft.Identity.Client" Version="4.84.1" />

Microsoft.Identity.Client.ApplicationOptions

public abstract class ApplicationOptions : BaseApplicationOptions
Base class for options objects with string values loadable from a configuration file (for instance a JSON file, as in an asp.net configuration scenario) See https://aka.ms/msal-net-application-configuration See also derived classes PublicClientApplicationOptions and ConfidentialClientApplicationOptions

Sign-in audience. This property is mutually exclusive with TenantId. If both are provided, an exception will be thrown.

Specific instance in the case of Azure Active Directory. It allows users to use the enum instead of the explicit URL. This property is mutually exclusive with Instance. If both are provided, an exception will be thrown.

public IEnumerable<string> ClientCapabilities { get; set; }

Microsoft Identity specific OIDC extension that allows resource challenges to be resolved without interaction. Allows configuration of one or more client capabilities, e.g. "llt"

public string ClientId { get; set; }

Client ID (also known as App ID) of the application as registered in the application registration portal (https://aka.ms/msal-net-register-app)

public string ClientName { get; set; }

The name of the calling application for telemetry purposes.

public string ClientVersion { get; set; }

The version of the calling application for telemetry purposes.

public string Instance { get; set; }

STS instance (for instance https://login.microsoftonline.com for the Azure public cloud). The name was chosen to ensure compatibility with AzureAdOptions in ASP.NET Core. This property is mutually exclusive with AzureCloudInstance. If both are provided, an exception will be thrown.

public string KerberosServicePrincipalName { get; set; }

Service principal name for Kerberos Service Ticket.

public bool LegacyCacheCompatibilityEnabled { get; set; }

Enables legacy ADAL cache serialization and deserialization.

public string RedirectUri { get; set; }

This redirect URI needs to be registered in the app registration. See https://aka.ms/msal-net-register-app for details on which redirect URIs are defined by default by MSAL.NET and how to register them. Also use: WithDefaultRedirectUri which provides a good default for public client applications for all platforms. For web apps and web APIs, the redirect URI is computed from the URL where the application is running (for instance, baseUrl//signin-oidc for ASP.NET Core web apps). For daemon applications (confidential client applications using only the Client Credential flow that is calling AcquireTokenForClient), no reply URI is needed.

public string TenantId { get; set; }

Tenant from which the application will allow users to sign it. This can be: a domain associated with a tenant, a GUID (tenant id), or a meta-tenant (e.g. consumers). This property is mutually exclusive with AadAuthorityAudience. If both are provided, an exception will be thrown.

Kerberos Service Ticket container to be used.

protected ApplicationOptions()