InteractiveBrowserCredentialNodeOptions interface
Defines the common options for the InteractiveBrowserCredential class.
- Extends
Properties
client |
The client (application) ID of an App Registration in the tenant. |
login |
loginHint allows a user name to be pre-selected for interactive logins. Setting this option skips the account selection prompt and immediately attempts to login with the specified account. |
redirect |
Gets the redirect URI of the application. This should be same as the value
in the application registration portal. Defaults to |
tenant |
The Microsoft Entra tenant (directory) ID. |
Inherited Properties
additionally |
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application is installed. |
additional |
Additional policies to include in the HTTP pipeline. |
allow |
Set to true if the request is sent over HTTP instead of HTTPS |
authentication |
Result of a previous authentication that can be used to retrieve the cached credentials of each individual account. This is necessary to provide in case the application wants to work with more than one account per Client ID and Tenant ID pair. This record can be retrieved by calling to the credential's
|
authority |
The authority host to use for authentication requests. Possible values are available through AzureAuthorityHosts. The default is "https://login.microsoftonline.com". |
broker |
Options to allow broker authentication when using InteractiveBrowserCredential |
browser |
Shared configuration options for browser customization |
disable |
Makes getToken throw if a manual authentication is necessary.
Developers will need to call to |
disable |
The field determines whether instance discovery is performed when attempting to authenticate.
Setting this to |
http |
The HttpClient that will be used to send HTTP requests. |
logging |
Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support. |
proxy |
Options to configure a proxy for outgoing requests. |
redirect |
Options for how redirect responses are handled. |
retry |
Options that control how to retry failed requests. |
telemetry |
Options for setting common telemetry and tracing info to outgoing requests. |
tls |
Options for configuring TLS authentication |
token |
Options to provide to the persistence layer (if one is available) when storing credentials. You must first register a persistence provider plugin. See the
Example:
|
user |
Options for adding user agent details to outgoing requests. |
Property Details
clientId
The client (application) ID of an App Registration in the tenant.
clientId?: string
Property Value
string
loginHint
loginHint allows a user name to be pre-selected for interactive logins. Setting this option skips the account selection prompt and immediately attempts to login with the specified account.
loginHint?: string
Property Value
string
redirectUri
Gets the redirect URI of the application. This should be same as the value
in the application registration portal. Defaults to window.location.href
.
This field is no longer required for Node.js.
redirectUri?: string | () => string
Property Value
string | () => string
tenantId
The Microsoft Entra tenant (directory) ID.
tenantId?: string
Property Value
string
Inherited Property Details
additionallyAllowedTenants
For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application is installed.
additionallyAllowedTenants?: string[]
Property Value
string[]
Inherited From InteractiveCredentialOptions.additionallyAllowedTenants
additionalPolicies
Additional policies to include in the HTTP pipeline.
additionalPolicies?: AdditionalPolicyConfig[]
Property Value
Inherited From InteractiveCredentialOptions.additionalPolicies
allowInsecureConnection
Set to true if the request is sent over HTTP instead of HTTPS
allowInsecureConnection?: boolean
Property Value
boolean
Inherited From InteractiveCredentialOptions.allowInsecureConnection
authenticationRecord
Result of a previous authentication that can be used to retrieve the cached credentials of each individual account. This is necessary to provide in case the application wants to work with more than one account per Client ID and Tenant ID pair.
This record can be retrieved by calling to the credential's authenticate()
method, as follows:
const authenticationRecord = await credential.authenticate();
authenticationRecord?: AuthenticationRecord
Property Value
Inherited From InteractiveCredentialOptions.authenticationRecord
authorityHost
The authority host to use for authentication requests. Possible values are available through AzureAuthorityHosts. The default is "https://login.microsoftonline.com".
authorityHost?: string
Property Value
string
Inherited From InteractiveCredentialOptions.authorityHost
brokerOptions
Options to allow broker authentication when using InteractiveBrowserCredential
brokerOptions?: BrokerOptions
Property Value
Inherited From BrokerAuthOptions.brokerOptions
browserCustomizationOptions
Shared configuration options for browser customization
browserCustomizationOptions?: { errorMessage?: string, successMessage?: string }
Property Value
{ errorMessage?: string, successMessage?: string }
Inherited From BrowserCustomizationOptions.browserCustomizationOptions
disableAutomaticAuthentication
Makes getToken throw if a manual authentication is necessary.
Developers will need to call to authenticate()
to control when to manually authenticate.
disableAutomaticAuthentication?: boolean
Property Value
boolean
Inherited From InteractiveCredentialOptions.disableAutomaticAuthentication
disableInstanceDiscovery
The field determines whether instance discovery is performed when attempting to authenticate.
Setting this to true
will completely disable both instance discovery and authority validation.
As a result, it's crucial to ensure that the configured authority host is valid and trustworthy.
This functionality is intended for use in scenarios where the metadata endpoint cannot be reached, such as in private clouds or Azure Stack.
The process of instance discovery entails retrieving authority metadata from https://login.microsoft.com/ to validate the authority.
disableInstanceDiscovery?: boolean
Property Value
boolean
Inherited From InteractiveCredentialOptions.disableInstanceDiscovery
httpClient
The HttpClient that will be used to send HTTP requests.
httpClient?: HttpClient
Property Value
Inherited From InteractiveCredentialOptions.httpClient
loggingOptions
Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.
loggingOptions?: LogPolicyOptions & { allowLoggingAccountIdentifiers?: boolean, enableUnsafeSupportLogging?: boolean }
Property Value
LogPolicyOptions & { allowLoggingAccountIdentifiers?: boolean, enableUnsafeSupportLogging?: boolean }
Inherited From InteractiveCredentialOptions.loggingOptions
proxyOptions
Options to configure a proxy for outgoing requests.
proxyOptions?: ProxySettings
Property Value
Inherited From InteractiveCredentialOptions.proxyOptions
redirectOptions
Options for how redirect responses are handled.
redirectOptions?: RedirectPolicyOptions
Property Value
Inherited From InteractiveCredentialOptions.redirectOptions
retryOptions
Options that control how to retry failed requests.
retryOptions?: PipelineRetryOptions
Property Value
Inherited From InteractiveCredentialOptions.retryOptions
telemetryOptions
Options for setting common telemetry and tracing info to outgoing requests.
telemetryOptions?: TelemetryOptions
Property Value
Inherited From InteractiveCredentialOptions.telemetryOptions
tlsOptions
Options for configuring TLS authentication
tlsOptions?: TlsSettings
Property Value
Inherited From InteractiveCredentialOptions.tlsOptions
tokenCachePersistenceOptions
Options to provide to the persistence layer (if one is available) when storing credentials.
You must first register a persistence provider plugin. See the
@azure/identity-cache-persistence
package on NPM.
Example:
import { cachePersistencePlugin } from "@azure/identity-cache-persistence";
import { useIdentityPlugin, DeviceCodeCredential } from "@azure/identity";
useIdentityPlugin(cachePersistencePlugin);
async function main() {
const credential = new DeviceCodeCredential({
tokenCachePersistenceOptions: {
enabled: true
}
});
}
main().catch((error) => {
console.error("An error occurred:", error);
process.exit(1);
});
tokenCachePersistenceOptions?: TokenCachePersistenceOptions
Property Value
Inherited From CredentialPersistenceOptions.tokenCachePersistenceOptions
userAgentOptions
Options for adding user agent details to outgoing requests.
userAgentOptions?: UserAgentPolicyOptions
Property Value
Inherited From InteractiveCredentialOptions.userAgentOptions