Class AuthenticationManager
This manager class can be used to obtain a SharePoint Client Context object
Inheritance
Namespace: PnP.Framework
Assembly: PnP.Framework.dll
Syntax
public class AuthenticationManager : IDisposableConstructors
AuthenticationManager()
Empty constructor, to be used if you want to execute ACS based authentication methods.
Declaration
public AuthenticationManager()AuthenticationManager(IAuthenticationProvider)
Creates an AuthenticationManager for the given PnP Core SDK
Declaration
public AuthenticationManager(IAuthenticationProvider authenticationProvider)Parameters
|
IAuthenticationProvider
authenticationProvider
PnP Core SDK |
AuthenticationManager(PnPContext)
Creates an AuthenticationManager for the given PnP Core SDK
Declaration
public AuthenticationManager(PnPContext pnPContext)Parameters
|
PnPContext
pnPContext
PnP Core SDK |
AuthenticationManager(SecureString)
Declaration
public AuthenticationManager(SecureString accessToken)Parameters
|
SecureString
accessToken
|
AuthenticationManager(String, Action<String, Int32>, String, String, String, AzureEnvironment, Action<ITokenCache>, Boolean)
Creates a new instance of the Authentication Manager to acquire access tokens and client contexts using the Azure AD Interactive flow.
Declaration
public AuthenticationManager(string clientId, Action<string, int> openBrowserCallback, string tenantId = null, string successMessageHtml = null, string failureMessageHtml = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null, bool useWAM = false)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
Action<System.String, System.Int32>
openBrowserCallback
This callback will be called providing the URL and port to open during the authentication flow |
|
System.String
tenantId
Optional tenant id or tenant url |
|
System.String
successMessageHtml
Allows you to override the success message. Notice that a success header message will be added. |
|
System.String
failureMessageHtml
llows you to override the failure message. Notice that a failed header message will be added and the error message will be appended. |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called to register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
|
System.Boolean
useWAM
If true, uses WAM for authentication. Works only on Windows OS |
AuthenticationManager(String, Func<DeviceCodeResult, Task>, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts through device code authentication
Declaration
public AuthenticationManager(string clientId, Func<DeviceCodeResult, Task> deviceCodeCallback, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
Func<DeviceCodeResult, Task>
deviceCodeCallback
The callback that will be called with device code information. |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
AuthenticationManager(String, StoreName, StoreLocation, String, String, String, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts.
Declaration
public AuthenticationManager(string clientId, StoreName storeName, StoreLocation storeLocation, string thumbPrint, string tenantId, string redirectUrl = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
StoreName
storeName
The name of the certificate store to find the certificate in. |
|
StoreLocation
storeLocation
The location of the certificate store to find the certificate in. |
|
System.String
thumbPrint
The thumbprint of the certificate to use. |
|
System.String
tenantId
The tenant id (guid) or name (e.g. contoso.onmicrosoft.com) |
|
System.String
redirectUrl
Optional redirect URL to use for authentication as set up in the Azure AD Application |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
AuthenticationManager(String, String, Func<DeviceCodeResult, Task>, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts through device code authentication
Declaration
public AuthenticationManager(string clientId, string tenantId, Func<DeviceCodeResult, Task> deviceCodeCallback, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
System.String
tenantId
Optional tenant id or tenant url |
|
Func<DeviceCodeResult, Task>
deviceCodeCallback
The callback that will be called with device code information. |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
AuthenticationManager(String, String, ManagedIdentityType, String)
Creates a new instance of the Authentication Manager that works with a System Assigned or User Assigned Managed Identity in Azure
Declaration
public AuthenticationManager(string endpoint, string identityHeader, ManagedIdentityType managedIdentityType = default(ManagedIdentityType), string managedIdentityUserAssignedIdentifier = null)Parameters
|
System.String
endpoint
The endpoint at which the Managed Identity Service is being hosted from which a token can be acquired |
|
System.String
identityHeader
Identity header available as an environment variable in Azure. Used to help mitigate server-side request forgery (SSRF) attacks. |
|
ManagedIdentityType
managedIdentityType
Type of Managed Identity that should be used. Defaults to System Assigned Managed Identity. |
|
System.String
managedIdentityUserAssignedIdentifier
The identifier of the User Assigned Managed Identity. Can be the clientId, objectId or resourceId. Mandatory when |
AuthenticationManager(String, String, SecureString, String, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts.
Declaration
public AuthenticationManager(string clientId, string username, SecureString password, string redirectUrl = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
System.String
username
The username to use for authentication |
|
SecureString
password
The password to use for authentication |
|
System.String
redirectUrl
Optional redirect URL to use for authentication as set up in the Azure AD Application |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
AuthenticationManager(String, String, String, AzureEnvironment, Action<ITokenCache>, ICustomWebUi, Boolean)
Creates a new instance of the Authentication Manager to acquire access tokens and client contexts using the Azure AD Interactive flow.
Declaration
public AuthenticationManager(string clientId, string redirectUrl = null, string tenantId = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null, ICustomWebUi customWebUi = null, bool useWAM = false)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
System.String
redirectUrl
Optional redirect URL to use for authentication as set up in the Azure AD Application |
|
System.String
tenantId
Optional tenant id or tenant url |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
|
ICustomWebUi
customWebUi
Optional ICustomWebUi object to fully customize the feedback behavior |
|
System.Boolean
useWAM
If true, uses WAM for authentication. Works only for Windows OS platform |
AuthenticationManager(String, String, String, String, ManagedIdentityType, String)
Creates a new instance of the Authentication Manager that works with a User Assigned Managed Identity (MI) in Azure configured as a Federated Identity Credential on an Entra ID application registration.
Declaration
public AuthenticationManager(string endpoint, string identityHeader, string appClientId, string appTenantId, ManagedIdentityType managedIdentityType, string managedIdentityUserAssignedIdentifier)Parameters
|
System.String
endpoint
The endpoint at which the Managed Identity Service is being hosted from which a token can be acquired |
|
System.String
identityHeader
Identity header available as an environment variable in Azure. Used to help mitigate server-side request forgery (SSRF) attacks. |
|
System.String
appClientId
Client ID of the Entra ID application registration where the MI is added as a Federated Identity Credential. If you intend to access Graph/SPO in another tenant, this must be a multi-tenant application. A service principal for the same app should be created/consented to in target tenant. |
|
System.String
appTenantId
Tenant ID of the Entra ID application registration where the MI is added as a Federated Identity Credential. This must be registered in same tenant as the MI. |
|
ManagedIdentityType
managedIdentityType
Type of Managed Identity that should be used. Cannot be System Assigned. |
|
System.String
managedIdentityUserAssignedIdentifier
The identifier of the User Assigned Managed Identity. Can be the clientId, objectId or resourceId. |
AuthenticationManager(String, String, String, String, String, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts.
Declaration
public AuthenticationManager(string clientId, string certificatePath, string certificatePassword, string tenantId, string redirectUrl = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
System.String
certificatePath
A valid path to a certificate file |
|
System.String
certificatePassword
The password for the certificate |
|
System.String
tenantId
The tenant id (guid) or name (e.g. contoso.onmicrosoft.com) |
|
System.String
redirectUrl
Optional redirect URL to use for authentication as set up in the Azure AD Application |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
AuthenticationManager(String, String, UserAssertion, String, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContext.
Declaration
public AuthenticationManager(string clientId, string clientSecret, UserAssertion userAssertion, string tenantId = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication. |
|
System.String
clientSecret
The client secret of the Azure AD application to use for authentication. |
|
UserAssertion
userAssertion
The user assertion (token) of the user on whose behalf to acquire the context |
|
System.String
tenantId
Optional tenant id or tenant url |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
|
AuthenticationManager(String, X509Certificate2, String, String, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts.
Declaration
public AuthenticationManager(string clientId, X509Certificate2 certificate, string tenantId, string redirectUrl = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
X509Certificate2
certificate
A valid certificate |
|
System.String
tenantId
Tenant id or tenant url |
|
System.String
redirectUrl
Optional redirect URL to use for authentication as set up in the Azure AD Application |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
Fields
CLIENTID_SPOMANAGEMENTSHELL
The client id of the Microsoft SharePoint Online Management Shell application
Declaration
public const string CLIENTID_SPOMANAGEMENTSHELL = nullField Value
|
System.String
|
Properties
CookieContainer
Declaration
public CookieContainer CookieContainer { get; set; }Property Value
|
CookieContainer
|
Methods
ClearTokenCache()
Clears the internal in-memory token cache used by MSAL
Declaration
public void ClearTokenCache()ClearTokenCacheAsync()
Clears the internal in-memory token cache used by MSAL
Declaration
public async Task ClearTokenCacheAsync()Returns
|
Task
|
CreateWithAccessToken(SecureString)
Declaration
public static AuthenticationManager CreateWithAccessToken(SecureString accessToken)Parameters
|
SecureString
accessToken
|
Returns
|
AuthenticationManager
|
CreateWithCertificate(String, StoreName, StoreLocation, String, String, String, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts.
Declaration
public static AuthenticationManager CreateWithCertificate(string clientId, StoreName storeName, StoreLocation storeLocation, string thumbPrint, string tenantId, string redirectUrl = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
StoreName
storeName
The name of the certificate store to find the certificate in. |
|
StoreLocation
storeLocation
The location of the certificate store to find the certificate in. |
|
System.String
thumbPrint
The thumbprint of the certificate to use. |
|
System.String
tenantId
The tenant id (guid) or name (e.g. contoso.onmicrosoft.com) |
|
System.String
redirectUrl
Optional redirect URL to use for authentication as set up in the Azure AD Application |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
Returns
|
AuthenticationManager
|
CreateWithCertificate(String, String, String, String, String, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts.
Declaration
public static AuthenticationManager CreateWithCertificate(string clientId, string certificatePath, string certificatePassword, string tenantId, string redirectUrl = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
System.String
certificatePath
A valid path to a certificate file |
|
System.String
certificatePassword
The password for the certificate |
|
System.String
tenantId
The tenant id (guid) or name (e.g. contoso.onmicrosoft.com) |
|
System.String
redirectUrl
Optional redirect URL to use for authentication as set up in the Azure AD Application |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
Returns
|
AuthenticationManager
|
CreateWithCertificate(String, X509Certificate2, String, String, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts.
Declaration
public static AuthenticationManager CreateWithCertificate(string clientId, X509Certificate2 certificate, string tenantId, string redirectUrl = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
X509Certificate2
certificate
A valid certificate |
|
System.String
tenantId
Tenant id or tenant url |
|
System.String
redirectUrl
Optional redirect URL to use for authentication as set up in the Azure AD Application |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
Returns
|
AuthenticationManager
|
CreateWithCredentials(String, String, SecureString, String, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts.
Declaration
public static AuthenticationManager CreateWithCredentials(string clientId, string username, SecureString password, string redirectUrl = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
System.String
username
The username to use for authentication |
|
SecureString
password
The password to use for authentication |
|
System.String
redirectUrl
Optional redirect URL to use for authentication as set up in the Azure AD Application |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
Returns
|
AuthenticationManager
|
CreateWithDeviceLogin(String, Func<DeviceCodeResult, Task>, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts through device code authentication
Declaration
public static AuthenticationManager CreateWithDeviceLogin(string clientId, Func<DeviceCodeResult, Task> deviceCodeCallback, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
Func<DeviceCodeResult, Task>
deviceCodeCallback
The callback that will be called with device code information. |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
Returns
|
AuthenticationManager
|
CreateWithDeviceLogin(String, String, Func<DeviceCodeResult, Task>, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContexts through device code authentication
Declaration
public static AuthenticationManager CreateWithDeviceLogin(string clientId, string tenantId, Func<DeviceCodeResult, Task> deviceCodeCallback, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
System.String
tenantId
Optional tenant id or tenant url |
|
Func<DeviceCodeResult, Task>
deviceCodeCallback
The callback that will be called with device code information. |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
Returns
|
AuthenticationManager
|
CreateWithInteractiveLogin(String, Action<String, Int32>, String, String, String, AzureEnvironment, Action<ITokenCache>, Boolean)
Creates a new instance of the Authentication Manager to acquire access tokens and client contexts using the Azure AD Interactive flow.
Declaration
public static AuthenticationManager CreateWithInteractiveLogin(string clientId, Action<string, int> openBrowserCallback, string tenantId = null, string successMessageHtml = null, string failureMessageHtml = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null, bool useWAM = false)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
Action<System.String, System.Int32>
openBrowserCallback
This callback will be called providing the URL and port to open during the authentication flow |
|
System.String
tenantId
Optional tenant id or tenant url |
|
System.String
successMessageHtml
Allows you to override the success message. Notice that a success header message will be added. |
|
System.String
failureMessageHtml
llows you to override the failure message. Notice that a failed header message will be added and the error message will be appended. |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called to register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
|
System.Boolean
useWAM
If true, uses WAM for authentication. Works only on Windows OS. Default is false |
Returns
|
AuthenticationManager
|
CreateWithInteractiveLogin(String, String, String, AzureEnvironment, Action<ITokenCache>, ICustomWebUi, Boolean)
Creates a new instance of the Authentication Manager to acquire access tokens and client contexts using the Azure AD Interactive flow.
Declaration
public static AuthenticationManager CreateWithInteractiveLogin(string clientId, string redirectUrl = null, string tenantId = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null, ICustomWebUi customWebUi = null, bool useWAM = false)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
System.String
redirectUrl
Optional redirect URL to use for authentication as set up in the Azure AD Application |
|
System.String
tenantId
Optional tenant id or tenant url |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
|
ICustomWebUi
customWebUi
Optional ICustomWebUi object to fully customize the feedback behavior |
|
System.Boolean
useWAM
If true, uses WAM for authentication. Works only on Windows OS |
Returns
|
AuthenticationManager
|
CreateWithInteractiveWebBrowserLogin(String, Action<String, Int32>, String, String, String, AzureEnvironment, Action<ITokenCache>, Boolean)
Creates a new instance of the Authentication Manager to acquire access tokens and client contexts using the Azure AD Interactive flow.
Declaration
public static AuthenticationManager CreateWithInteractiveWebBrowserLogin(string clientId, Action<string, int> openBrowserCallback, string tenantId = null, string successFullMessageHtml = null, string failureFullMessageHtml = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null, bool useWAM = false)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication |
|
Action<System.String, System.Int32>
openBrowserCallback
This callback will be called providing the URL and port to open during the authentication flow |
|
System.String
tenantId
Optional tenant id or tenant url |
|
System.String
successFullMessageHtml
Allows you to override the success message. You will have to provide the full HTML document. |
|
System.String
failureFullMessageHtml
llows you to override the failure message. You will have to provide the full HTML document. |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called to register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
|
System.Boolean
useWAM
If true, uses WAM for authentication. Works only on Windows OS. Default is false |
Returns
|
AuthenticationManager
|
CreateWithManagedIdentity(String, String, ManagedIdentityType, String)
Creates a new instance of the Authentication Manager that works with a System Assigned or User Assigned Managed Identity in Azure
Declaration
public static AuthenticationManager CreateWithManagedIdentity(string endpoint, string identityHeader, ManagedIdentityType managedIdentityType = default(ManagedIdentityType), string managedIdentityUserAssignedIdentifier = null)Parameters
|
System.String
endpoint
The endpoint at which the Managed Identity Service is being hosted from which a token can be acquired |
|
System.String
identityHeader
Identity header available as an environment variable in Azure. Used to help mitigate server-side request forgery (SSRF) attacks. |
|
ManagedIdentityType
managedIdentityType
Type of Managed Identity that should be used. Defaults to System Assigned Managed Identity. |
|
System.String
managedIdentityUserAssignedIdentifier
The identifier of the User Assigned Managed Identity. Can be the clientId, objectId or resourceId. Mandatory when |
Returns
|
AuthenticationManager
|
CreateWithManagedIdentityFederatedIdentityCredential(String, String, String, String, ManagedIdentityType, String)
Declaration
public static AuthenticationManager CreateWithManagedIdentityFederatedIdentityCredential(string endpoint, string identityHeader, string appClientId, string appTenantId, ManagedIdentityType managedIdentityType, string managedIdentityUserAssignedIdentifier)Parameters
|
System.String
endpoint
|
|
System.String
identityHeader
|
|
System.String
appClientId
|
|
System.String
appTenantId
|
|
ManagedIdentityType
managedIdentityType
|
|
System.String
managedIdentityUserAssignedIdentifier
|
Returns
|
AuthenticationManager
|
CreateWithOnBehalfOf(String, String, UserAssertion, String, AzureEnvironment, Action<ITokenCache>)
Creates a new instance of the Authentication Manager to acquire authenticated ClientContext.
Declaration
public static AuthenticationManager CreateWithOnBehalfOf(string clientId, string clientSecret, UserAssertion userAssertion, string tenantId = null, AzureEnvironment azureEnvironment = default(AzureEnvironment), Action<ITokenCache> tokenCacheCallback = null)Parameters
|
System.String
clientId
The client id of the Azure AD application to use for authentication. |
|
System.String
clientSecret
The client secret of the Azure AD application to use for authentication. |
|
UserAssertion
userAssertion
The user assertion (token) of the user on whose behalf to acquire the context |
|
System.String
tenantId
Optional tenant id or tenant url |
|
AzureEnvironment
azureEnvironment
The azure environment to use. Defaults to AzureEnvironment.Production |
|
Action<ITokenCache>
tokenCacheCallback
If present, after setting up the base flow for authentication this callback will be called register a custom tokencache. See https://aka.ms/msal-net-token-cache-serialization. |
Returns
|
AuthenticationManager
|
CreateWithPnPCoreSdk(IAuthenticationProvider)
Creates a new instance of the Authentication Manager to acquire an authenticated ClientContext.
Declaration
public static AuthenticationManager CreateWithPnPCoreSdk(IAuthenticationProvider authenticationProvider)Parameters
|
IAuthenticationProvider
authenticationProvider
PnP Core SDK authentication provider that will deliver the access token |
Returns
|
AuthenticationManager
|
CreateWithPnPCoreSdk(PnPContext)
Creates a new instance of the Authentication Manager to acquire an authenticated ClientContext.
Declaration
public static AuthenticationManager CreateWithPnPCoreSdk(PnPContext pnpContext)Parameters
|
PnPContext
pnpContext
PnP Core SDK authentication provider that will deliver the access token |
Returns
|
AuthenticationManager
|
Dispose()
Dispose the object
Declaration
public void Dispose()Dispose(Boolean)
called when disposing the object
Declaration
protected virtual void Dispose(bool disposing)Parameters
|
System.Boolean
disposing
|
GetAccessToken(String, CancellationToken, Prompt)
Returns an access token for a given site.
Declaration
public string GetAccessToken(string siteUrl, CancellationToken cancellationToken, Prompt prompt = null)Parameters
|
System.String
siteUrl
|
|
CancellationToken
cancellationToken
Optional cancellation token to cancel the request |
|
Prompt
prompt
The prompt style to use. Notice that this only works with the Interactive Login flow, for all other flows this parameter is ignored. |
Returns
|
System.String
|
GetAccessToken(String, Prompt)
Returns an access token for a given site.
Declaration
public string GetAccessToken(string siteUrl, Prompt prompt = null)Parameters
|
System.String
siteUrl
|
|
Prompt
prompt
The prompt style to use. Notice that this only works with the Interactive Login flow, for all other flows this parameter is ignored. |
Returns
|
System.String
|
GetAccessTokenAsync(String, CancellationToken, Prompt)
Returns an access token for a given site.
Declaration
public async Task<string> GetAccessTokenAsync(string siteUrl, CancellationToken cancellationToken, Prompt prompt = null)Parameters
|
System.String
siteUrl
|
|
CancellationToken
cancellationToken
Optional cancellation token to cancel the request |
|
Prompt
prompt
The prompt style to use. Notice that this only works with the Interactive Login flow, for all other flows this parameter is ignored. |
Returns
|
Task<System.String>
|
GetAccessTokenAsync(String, Prompt)
Returns an access token for a given site.
Declaration
public async Task<string> GetAccessTokenAsync(string siteUrl, Prompt prompt = null)Parameters
|
System.String
siteUrl
|
|
Prompt
prompt
The prompt style to use. Notice that this only works with the Interactive Login flow, for all other flows this parameter is ignored. |
Returns
|
Task<System.String>
|
GetAccessTokenAsync(String[], CancellationToken, Prompt, Uri)
Returns an access token for the given scopes.
Declaration
public async Task<string> GetAccessTokenAsync(string[] scopes, CancellationToken cancellationToken, Prompt prompt = null, Uri uri = null)Parameters
|
System.String[]
scopes
The scopes to retrieve the access token for |
|
CancellationToken
cancellationToken
Optional cancellation token to cancel the request |
|
Prompt
prompt
The prompt style to use. Notice that this only works with the Interactive Login flow, for all other flows this parameter is ignored. |
|
Uri
uri
for ClientContextType.PnPCoreSdk case as by interface definition needed for GetAccessTokenAsync |
Returns
|
Task<System.String>
|
GetAccessTokenAsync(String[], Prompt)
Returns an access token for the given scopes.
Declaration
public async Task<string> GetAccessTokenAsync(string[] scopes, Prompt prompt = null)Parameters
|
System.String[]
scopes
The scopes to retrieve the access token for |
|
Prompt
prompt
The prompt style to use. Notice that this only works with the Interactive Login flow, for all other flows this parameter is ignored. |
Returns
|
Task<System.String>
|
GetAccessTokenContext(String, Func<String, String>)
Returns a SharePoint ClientContext using a custom access token function. The function will be called with the Resource Uri and expected to return an access token as a string.
Declaration
public ClientContext GetAccessTokenContext(string siteUrl, Func<string, string> accessTokenGetter)Parameters
|
System.String
siteUrl
Site for which the ClientContext object will be instantiated |
|
Func<System.String, System.String>
accessTokenGetter
The AccessToken getter method to use |
Returns
|
ClientContext
Client context object |
GetAccessTokenContext(String, String)
Returns a SharePoint ClientContext using custom provided access token.
Declaration
public ClientContext GetAccessTokenContext(string siteUrl, string accessToken)Parameters
|
System.String
siteUrl
Site for which the ClientContext object will be instantiated |
|
System.String
accessToken
An explicit value for the AccessToken |
Returns
|
ClientContext
Client context object |
GetACSAppOnlyContext(String, String, String)
Returns an app only ClientContext object
Declaration
public ClientContext GetACSAppOnlyContext(string siteUrl, string appId, string appSecret)Parameters
|
System.String
siteUrl
Site for which the ClientContext object will be instantiated |
|
System.String
appId
Application ID which is requesting the ClientContext object |
|
System.String
appSecret
Application secret of the Application which is requesting the ClientContext object |
Returns
|
ClientContext
ClientContext to be used by CSOM code |
GetACSAppOnlyContext(String, String, String, AzureEnvironment)
Returns an app only ClientContext object
Declaration
public ClientContext GetACSAppOnlyContext(string siteUrl, string appId, string appSecret, AzureEnvironment environment = default(AzureEnvironment))Parameters
|
System.String
siteUrl
Site for which the ClientContext object will be instantiated |
|
System.String
appId
Application ID which is requesting the ClientContext object |
|
System.String
appSecret
Application secret of the Application which is requesting the ClientContext object |
|
AzureEnvironment
environment
SharePoint environment being used |
Returns
|
ClientContext
ClientContext to be used by CSOM code |
GetACSAppOnlyContext(String, String, String, String, String, String)
Returns an app only ClientContext object
Declaration
public ClientContext GetACSAppOnlyContext(string siteUrl, string realm, string appId, string appSecret, string acsHostUrl = "accesscontrol.windows.net", string globalEndPointPrefix = "accounts")Parameters
|
System.String
siteUrl
Site for which the ClientContext object will be instantiated |
|
System.String
realm
Realm of the environment (tenant) that requests the ClientContext object, may be null |
|
System.String
appId
Application ID which is requesting the ClientContext object |
|
System.String
appSecret
Application secret of the Application which is requesting the ClientContext object |
|
System.String
acsHostUrl
Azure ACS host, defaults to accesscontrol.windows.net but internal pre-production environments use other hosts |
|
System.String
globalEndPointPrefix
Azure ACS endpoint prefix, defaults to accounts but internal pre-production environments use other prefixes |
Returns
|
ClientContext
ClientContext to be used by CSOM code |
GetACSEndPoint(AzureEnvironment)
Gets the Azure ASC login end point for the given environment
Declaration
public static string GetACSEndPoint(AzureEnvironment environment)Parameters
|
AzureEnvironment
environment
Environment to get the login information for |
Returns
|
System.String
Azure ASC login endpoint |
GetACSEndPointPrefix(AzureEnvironment)
Gets the Azure ACS login end point prefix for the given environment
Declaration
public static string GetACSEndPointPrefix(AzureEnvironment environment)Parameters
|
AzureEnvironment
environment
Environment to get the login information for |
Returns
|
System.String
Azure ACS login endpoint prefix |
GetAzureADLoginEndPoint(AzureEnvironment)
Gets the Azure AD login end point for the given environment
Declaration
public string GetAzureADLoginEndPoint(AzureEnvironment environment)Parameters
|
AzureEnvironment
environment
Environment to get the login information for |
Returns
|
System.String
Azure AD login endpoint |
GetAzureAdLoginEndPointForCustomAzureEnvironmentConfiguration()
Declaration
public string GetAzureAdLoginEndPointForCustomAzureEnvironmentConfiguration()Returns
|
System.String
|
GetAzureADLoginEndPointStatic(AzureEnvironment)
Declaration
public static string GetAzureADLoginEndPointStatic(AzureEnvironment environment)Parameters
|
AzureEnvironment
environment
|
Returns
|
System.String
|
GetBuilderWithAuthority(ConfidentialClientApplicationBuilder, AzureEnvironment, String)
Declaration
public ConfidentialClientApplicationBuilder GetBuilderWithAuthority(ConfidentialClientApplicationBuilder builder, AzureEnvironment azureEnvironment, string tenantId = "")Parameters
|
ConfidentialClientApplicationBuilder
builder
|
|
AzureEnvironment
azureEnvironment
|
|
System.String
tenantId
|
Returns
|
ConfidentialClientApplicationBuilder
|
GetBuilderWithAuthority(PublicClientApplicationBuilder, AzureEnvironment)
Declaration
public PublicClientApplicationBuilder GetBuilderWithAuthority(PublicClientApplicationBuilder builder, AzureEnvironment azureEnvironment)Parameters
|
PublicClientApplicationBuilder
builder
|
|
AzureEnvironment
azureEnvironment
|
Returns
|
PublicClientApplicationBuilder
|
GetContext(String)
Returns a CSOM ClientContext which has been set up for Azure AD OAuth authentication
Declaration
public ClientContext GetContext(string siteUrl)Parameters
|
System.String
siteUrl
|
Returns
|
ClientContext
|
GetContext(String, CancellationToken)
Returns a CSOM ClientContext which has been set up for Azure AD OAuth authentication
Declaration
public ClientContext GetContext(string siteUrl, CancellationToken cancellationToken)Parameters
|
System.String
siteUrl
|
|
CancellationToken
cancellationToken
Optional cancellation token to cancel the request |
Returns
|
ClientContext
|
GetContextAsync(String)
Returns a CSOM ClientContext which has been set up for Azure AD OAuth authentication
Declaration
public async Task<ClientContext> GetContextAsync(string siteUrl)Parameters
|
System.String
siteUrl
|
Returns
|
Task<ClientContext>
|
GetContextAsync(String, CancellationToken, String, String)
Returns a CSOM ClientContext which has been set up for Azure AD OAuth authentication
Declaration
public async Task<ClientContext> GetContextAsync(string siteUrl, CancellationToken cancellationToken, string appName = "PnP", string appUrl = "https://pnp.github.io")Parameters
|
System.String
siteUrl
|
|
CancellationToken
cancellationToken
Optional cancellation token to cancel the request |
|
System.String
appName
Optional app name to show when using on MacOS |
|
System.String
appUrl
Optional url of app to show when using on MacOS |
Returns
|
Task<ClientContext>
|
GetGraphBaseEndPoint()
Gets the URI to use for making Graph calls based upon the environment
Declaration
public Uri GetGraphBaseEndPoint()Returns
|
Uri
Graph URI for given environment |
GetGraphBaseEndPoint(AzureEnvironment)
Gets the URI to use for making Graph calls based upon the environment
Declaration
public static Uri GetGraphBaseEndPoint(AzureEnvironment environment)Parameters
|
AzureEnvironment
environment
Environment to get the Graph URI for |
Returns
|
Uri
Graph URI for given environment |
GetGraphEndPoint()
Returns the Graph End Point url without protocol based upon the Azure Environment selected during creation of the Authentication Manager
Declaration
public string GetGraphEndPoint()Returns
|
System.String
|
GetGraphEndPoint(AzureEnvironment)
Returns the Graph End Point url without protocol based upon the provided Azure Environment
Declaration
public static string GetGraphEndPoint(AzureEnvironment environment)Parameters
|
AzureEnvironment
environment
|
Returns
|
System.String
|
GetGraphEndPointForCustomAzureEnvironmentConfiguration()
Declaration
public string GetGraphEndPointForCustomAzureEnvironmentConfiguration()Returns
|
System.String
|
GetOnPremisesContext(String)
Declaration
public ClientContext GetOnPremisesContext(string siteUrl)Parameters
|
System.String
siteUrl
|
Returns
|
ClientContext
|
GetOnPremisesContext(String, ICredentials)
Declaration
public ClientContext GetOnPremisesContext(string siteUrl, ICredentials credentials)Parameters
|
System.String
siteUrl
|
|
ICredentials
credentials
|
Returns
|
ClientContext
|
GetOnPremisesContext(String, String, SecureString)
Declaration
public ClientContext GetOnPremisesContext(string siteUrl, string userName, SecureString password)Parameters
|
System.String
siteUrl
|
|
System.String
userName
|
|
SecureString
password
|
Returns
|
ClientContext
|
GetSharePointDomainSuffix(AzureEnvironment)
GetTenantAdministrationUri(String)
Returns the equivalent SharePoint Admin url for the passed in SharePoint url
Declaration
public static Uri GetTenantAdministrationUri(string url)Parameters
|
System.String
url
Any SharePoint url for the tenant you need to SharePoint Admin Center URL for |
Returns
|
Uri
SharePoint Admin Center URL |
GetTenantAdministrationUrl(String)
Returns the equivalent SharePoint Admin url for the passed in SharePoint url
Declaration
public static string GetTenantAdministrationUrl(string url)Parameters
|
System.String
url
Any SharePoint url for the tenant you need to SharePoint Admin Center URL for |
Returns
|
System.String
SharePoint Admin Center URL |
IsTenantAdministrationUri(Uri)
Is the provided URL an SharePoint Admin center URL
Declaration
public static bool IsTenantAdministrationUri(Uri uri)Parameters
|
Uri
uri
SharePoint URL to check |
Returns
|
System.Boolean
True if Admin Center URL, false otherwise |
IsTenantAdministrationUrl(String)
Is the provided URL an SharePoint Admin center URL
Declaration
public static bool IsTenantAdministrationUrl(string url)Parameters
|
System.String
url
SharePoint URL to check |
Returns
|
System.Boolean
True if Admin Center URL, false otherwise |
SetEndPointsForCustomAzureEnvironmentConfiguration(String, String)
Declaration
public void SetEndPointsForCustomAzureEnvironmentConfiguration(string microsoftGraphEndPoint, string azureADLoginEndPoint)Parameters
|
System.String
microsoftGraphEndPoint
|
|
System.String
azureADLoginEndPoint
|