DeviceCodeCredentialOptions interface
Defines options for the InteractiveBrowserCredential class for Node.js.
- Extends
Properties
| client |
The client (application) ID of an App Registration in the tenant. |
| tenant |
The Microsoft Entra tenant (directory) ID. |
| user |
A callback function that will be invoked to show DeviceCodeInfo to the user. If left unassigned, we will automatically log the device code information and the authentication instructions in the console. |
Inherited Properties
| additionally |
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application is installed. |
| additional |
Additional policies to include in the HTTP pipeline. |
| allow |
Set to true if the request is sent over HTTP instead of HTTPS |
| authentication |
Result of a previous authentication that can be used to retrieve the cached credentials of each individual account. This is necessary to provide in case the application wants to work with more than one account per Client ID and Tenant ID pair. This record can be retrieved by calling to the credential's |
| authority |
The authority host to use for authentication requests. Possible values are available through AzureAuthorityHosts. The default is "https://login.microsoftonline.com". |
| disable |
Makes getToken throw if a manual authentication is necessary.
Developers will need to call to |
| disable |
The field determines whether instance discovery is performed when attempting to authenticate.
Setting this to |
| http |
The HttpClient that will be used to send HTTP requests. |
| logging |
Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support. |
| proxy |
Options to configure a proxy for outgoing requests. |
| redirect |
Options for how redirect responses are handled. |
| retry |
Options that control how to retry failed requests. |
| telemetry |
Options for setting common telemetry and tracing info to outgoing requests. |
| tls |
Options for configuring TLS authentication |
| token |
Options to provide to the persistence layer (if one is available) when storing credentials. You must first register a persistence provider plugin. See the
Example: |
| user |
Options for adding user agent details to outgoing requests. |
Property Details
clientId
The client (application) ID of an App Registration in the tenant.
clientId?: stringProperty Value
string
tenantId
The Microsoft Entra tenant (directory) ID.
tenantId?: stringProperty Value
string
userPromptCallback
A callback function that will be invoked to show DeviceCodeInfo to the user. If left unassigned, we will automatically log the device code information and the authentication instructions in the console.
userPromptCallback?: DeviceCodePromptCallbackProperty Value
Inherited Property Details
additionallyAllowedTenants
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application is installed.
additionallyAllowedTenants?: string[]Property Value
string[]
Inherited From InteractiveCredentialOptions.additionallyAllowedTenants
additionalPolicies
Additional policies to include in the HTTP pipeline.
additionalPolicies?: AdditionalPolicyConfig[]Property Value
Inherited From InteractiveCredentialOptions.additionalPolicies
allowInsecureConnection
Set to true if the request is sent over HTTP instead of HTTPS
allowInsecureConnection?: booleanProperty Value
boolean
Inherited From InteractiveCredentialOptions.allowInsecureConnection
authenticationRecord
Result of a previous authentication that can be used to retrieve the cached credentials of each individual account. This is necessary to provide in case the application wants to work with more than one account per Client ID and Tenant ID pair.
This record can be retrieved by calling to the credential's authenticate() method, as follows:
const authenticationRecord = await credential.authenticate();
authenticationRecord?: AuthenticationRecordProperty Value
Inherited From InteractiveCredentialOptions.authenticationRecord
authorityHost
The authority host to use for authentication requests. Possible values are available through AzureAuthorityHosts. The default is "https://login.microsoftonline.com".
authorityHost?: stringProperty Value
string
Inherited From InteractiveCredentialOptions.authorityHost
disableAutomaticAuthentication
Makes getToken throw if a manual authentication is necessary.
Developers will need to call to authenticate() to control when to manually authenticate.
disableAutomaticAuthentication?: booleanProperty Value
boolean
Inherited From InteractiveCredentialOptions.disableAutomaticAuthentication
disableInstanceDiscovery
The field determines whether instance discovery is performed when attempting to authenticate.
Setting this to true will completely disable both instance discovery and authority validation.
As a result, it's crucial to ensure that the configured authority host is valid and trustworthy.
This functionality is intended for use in scenarios where the metadata endpoint cannot be reached, such as in private clouds or Azure Stack.
The process of instance discovery entails retrieving authority metadata from https://login.microsoft.com/ to validate the authority.
disableInstanceDiscovery?: booleanProperty Value
boolean
Inherited From InteractiveCredentialOptions.disableInstanceDiscovery
httpClient
The HttpClient that will be used to send HTTP requests.
httpClient?: HttpClientProperty Value
Inherited From InteractiveCredentialOptions.httpClient
loggingOptions
Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.
loggingOptions?: LogPolicyOptions & { allowLoggingAccountIdentifiers?: boolean, enableUnsafeSupportLogging?: boolean }Property Value
LogPolicyOptions & { allowLoggingAccountIdentifiers?: boolean, enableUnsafeSupportLogging?: boolean }
Inherited From InteractiveCredentialOptions.loggingOptions
proxyOptions
Options to configure a proxy for outgoing requests.
proxyOptions?: ProxySettingsProperty Value
Inherited From InteractiveCredentialOptions.proxyOptions
redirectOptions
Options for how redirect responses are handled.
redirectOptions?: RedirectPolicyOptionsProperty Value
Inherited From InteractiveCredentialOptions.redirectOptions
retryOptions
Options that control how to retry failed requests.
retryOptions?: PipelineRetryOptionsProperty Value
Inherited From InteractiveCredentialOptions.retryOptions
telemetryOptions
Options for setting common telemetry and tracing info to outgoing requests.
telemetryOptions?: TelemetryOptionsProperty Value
Inherited From InteractiveCredentialOptions.telemetryOptions
tlsOptions
Options for configuring TLS authentication
tlsOptions?: TlsSettingsProperty Value
Inherited From InteractiveCredentialOptions.tlsOptions
tokenCachePersistenceOptions
Options to provide to the persistence layer (if one is available) when storing credentials.
You must first register a persistence provider plugin. See the
@azure/identity-cache-persistence package on NPM.
Example:
import { cachePersistencePlugin } from "@azure/identity-cache-persistence";
import { useIdentityPlugin, DeviceCodeCredential } from "@azure/identity";
useIdentityPlugin(cachePersistencePlugin);
async function main() {
const credential = new DeviceCodeCredential({
tokenCachePersistenceOptions: {
enabled: true
}
});
}
main().catch((error) => {
console.error("An error occurred:", error);
process.exit(1);
});
tokenCachePersistenceOptions?: TokenCachePersistenceOptionsProperty Value
Inherited From CredentialPersistenceOptions.tokenCachePersistenceOptions
userAgentOptions
Options for adding user agent details to outgoing requests.
userAgentOptions?: UserAgentPolicyOptionsProperty Value
Inherited From InteractiveCredentialOptions.userAgentOptions