Microsoft.Identity.Client.ManagedIdentity.V2.ImdsV2ManagedIdentitySource

class ImdsV2ManagedIdentitySource : IImdsV2MtlsBindingSource

public const string AcquireEntraTokenPath = "/oauth2/v2.0/token"

public const string ApiVersionQueryParam = "cred-api-version"

public const string CertificateRequestPath = "/metadata/identity/issuecredential"

public const string CsrMetadataPath = "/metadata/identity/getplatformmetadata"

public const string ImdsV2ApiVersion = "2.0"

public static ImdsV2ManagedIdentitySource Create(RequestContext requestContext)

public static Task<CsrMetadata> GetCsrMetadataAsync(RequestContext requestContext)

public Task<MtlsBindingInfo> AcquireMtlsBindingForDelegationAsync(AcquireTokenForManagedIdentityParameters parameters, bool forceRemint, CancellationToken cancellationToken)

Mint-only entrypoint used by the internal-exchange delegation path. Sets the attestation provider and mTLS-PoP flag from the request parameters, optionally evicts a rejected cert (invalid_client / SCHANNEL re-mint), and returns the mTLS binding. Does NOT send the token request.