-
Notifications
You must be signed in to change notification settings - Fork 224
/
com.azure.identity.DefaultAzureCredential.yml
33 lines (33 loc) · 8.46 KB
/
com.azure.identity.DefaultAzureCredential.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
### YamlMime:JavaType
uid: "com.azure.identity.DefaultAzureCredential"
fullName: "com.azure.identity.DefaultAzureCredential"
name: "DefaultAzureCredential"
nameWithType: "DefaultAzureCredential"
summary: "The DefaultAzureCredential is appropriate for most scenarios where the application is intended to ultimately be run in Azure."
inheritances:
- "<xref href=\"java.lang.Object?displayProperty=fullName\" data-throw-if-not-resolved=\"False\" />"
- "<xref href=\"com.azure.identity.ChainedTokenCredential?displayProperty=fullName\" data-throw-if-not-resolved=\"False\" />"
inheritedClassMethods:
- classRef: "<xref href=\"com.azure.identity.ChainedTokenCredential?alt=com.azure.identity.ChainedTokenCredential&text=ChainedTokenCredential\" data-throw-if-not-resolved=\"False\" />"
methodsRef:
- "<xref href=\"com.azure.identity.ChainedTokenCredential.getToken(com.azure.core.credential.TokenRequestContext)?alt=com.azure.identity.ChainedTokenCredential.getToken&text=getToken\" data-throw-if-not-resolved=\"False\" />"
- "<xref href=\"com.azure.identity.ChainedTokenCredential.getTokenSync(com.azure.core.credential.TokenRequestContext)?alt=com.azure.identity.ChainedTokenCredential.getTokenSync&text=getTokenSync\" data-throw-if-not-resolved=\"False\" />"
- classRef: "java.lang.<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html\">Object</a>"
methodsRef:
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#clone--\">clone</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#equals-java.lang.Object-\">equals</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#finalize--\">finalize</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#getClass--\">getClass</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#hashCode--\">hashCode</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#notify--\">notify</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#notifyAll--\">notifyAll</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#toString--\">toString</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait--\">wait</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait-long-\">wait</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait-long-int-\">wait</a>"
syntax: "public final class **DefaultAzureCredential**</br> extends <xref href=\"com.azure.identity.ChainedTokenCredential?alt=com.azure.identity.ChainedTokenCredential&text=ChainedTokenCredential\" data-throw-if-not-resolved=\"False\" />"
type: "class"
desc: "The DefaultAzureCredential is appropriate for most scenarios where the application is intended to ultimately be run in Azure. DefaultAzureCredential combines credentials that are commonly used to authenticate when deployed, with credentials that are used to authenticate in a development environment. The DefaultAzureCredential will attempt to authenticate via the following mechanisms in order.\n\n![Image 1][]\n\n1. <xref uid=\"com.azure.identity.EnvironmentCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"EnvironmentCredential\"></xref> \\- The DefaultAzureCredential will read account information specified via environment variables and use it to authenticate.\n2. <xref uid=\"com.azure.identity.WorkloadIdentityCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"WorkloadIdentityCredential\"></xref> \\- If the app is deployed on Kubernetes with environment variables set by the workload identity webhook, DefaultAzureCredential will authenticate the configured identity.\n3. <xref uid=\"com.azure.identity.ManagedIdentityCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ManagedIdentityCredential\"></xref> \\- If the application deploys to an Azure host with Managed Identity enabled, the DefaultAzureCredential will authenticate with that account.\n4. <xref uid=\"com.azure.identity.IntelliJCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"IntelliJCredential\"></xref> \\- If you've authenticated via [Azure Toolkit for IntelliJ][], the DefaultAzureCredential will authenticate with that account.\n5. <xref uid=\"com.azure.identity.AzureCliCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AzureCliCredential\"></xref> \\- If you've authenticated an account via the Azure CLI `az login` command, the DefaultAzureCredential will authenticate with that account.\n6. <xref uid=\"com.azure.identity.AzurePowerShellCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AzurePowerShellCredential\"></xref> \\- If you've authenticated an account via the [Azure Power Shell][] `Az Login` command, the DefaultAzureCredential will authenticate with that account.\n7. Fails if none of the credentials above could be created.\n\nFor more information refer to the [default azure credential authentication docs][].\n\n## Configure DefaultAzureCredential ##\n\nDefaultAzureCredential supports a set of configurations through setters on the <xref uid=\"com.azure.identity.DefaultAzureCredentialBuilder\" data-throw-if-not-resolved=\"false\" data-raw-source=\"DefaultAzureCredentialBuilder\"></xref> or environment variables.\n\n1. Setting the environment variables `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET/AZURE_CLIENT_CERTIFICATE_PATH`, and `AZURE_TENANT_ID` configures the DefaultAzureCredential to authenticate as the service principal specified by the values.\n2. Setting <xref uid=\"com.azure.identity.DefaultAzureCredentialBuilder.managedIdentityClientId(java.lang.String)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"DefaultAzureCredentialBuilder#managedIdentityClientId(String)\"></xref> on the builder or the environment variable AZURE\\_CLIENT\\_ID configures the DefaultAzureCredential to authenticate as a user-defined managed identity, while leaving them empty configures it to authenticate as a system-assigned managed identity.\n3. Setting <xref uid=\"com.azure.identity.DefaultAzureCredentialBuilder.tenantId(java.lang.String)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"DefaultAzureCredentialBuilder#tenantId(String)\"></xref> on the builder or the environment variable `AZURE_TENANT_ID` configures the DefaultAzureCredential to authenticate to a specific tenant for Visual Studio Code, and IntelliJ IDEA.\n\n**Sample: Construct DefaultAzureCredential**\n\nThe following code sample demonstrates the creation of a DefaultAzureCredential, using the <xref uid=\"com.azure.identity.DefaultAzureCredentialBuilder\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.identity.DefaultAzureCredentialBuilder\"></xref> to configure it. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.\n\n```java\nTokenCredential defaultAzureCredential = new DefaultAzureCredentialBuilder()\n .build();\n```\n\n**Sample: Construct DefaultAzureCredential with User Assigned Managed Identity** \n\nUser-Assigned Managed Identity (UAMI) in Azure is a feature that allows you to create an identity in [Microsoft Entra ID][] that is associated with one or more Azure resources. This identity can then be used to authenticate and authorize access to various Azure services and resources. The following code sample demonstrates the creation of a DefaultAzureCredential to target a user assigned managed identity, using the <xref uid=\"com.azure.identity.DefaultAzureCredentialBuilder\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.identity.DefaultAzureCredentialBuilder\"></xref> to configure it. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.\n\n```java\nTokenCredential dacWithUserAssignedManagedIdentity = new DefaultAzureCredentialBuilder()\n .managedIdentityClientId(\"<Managed-Identity-Client-Id\")\n .build();\n```\n\n\n[Image 1]: \n[Azure Toolkit for IntelliJ]: https://learn.microsoft.com/azure/developer/java/toolkit-for-intellij/\n[Azure Power Shell]: https://learn.microsoft.com/powershell/azure/?view=azps-9.4.0\n[default azure credential authentication docs]: https://aka.ms/azsdk/java/identity/defaultazurecredential/docs\n[Microsoft Entra ID]: https://learn.microsoft.com/entra/fundamentals/"
metadata: {}
package: "com.azure.identity"
artifact: com.azure:azure-identity:1.13.1