• Home
• com.azure
• azure-identity
• 1.13.3
• source code
• DefaultAzureCredential.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.azure.identity.DefaultAzureCredential Maven / Gradle / Ivy

// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

package com.azure.identity;

import com.azure.core.annotation.Immutable;
import com.azure.core.credential.TokenCredential;

import java.util.List;

/**
 * 
The DefaultAzureCredential is appropriate for most scenarios where the application is intended to ultimately be
 * run in Azure. DefaultAzureCredential combines credentials that are commonly used to authenticate when deployed,
 * with credentials that are used to authenticate in a development environment. The DefaultAzureCredential will
 * attempt to authenticate via the following mechanisms in order.
 *
 * 
 *
 * 

 * 
{@link EnvironmentCredential} - The DefaultAzureCredential will read account information specified via
 * environment variables and use it to authenticate.
 * 
{@link WorkloadIdentityCredential} - If the app is deployed on Kubernetes with environment variables
 * set by the workload identity webhook, DefaultAzureCredential will authenticate the configured identity.
 * 
{@link ManagedIdentityCredential} - If the application deploys to an Azure host with Managed Identity enabled,
 * the DefaultAzureCredential will authenticate with that account.
 * 
{@link IntelliJCredential} - If you've authenticated via
 * Azure Toolkit for
 * IntelliJ, the DefaultAzureCredential will authenticate with that account.
 * 
{@link AzureCliCredential} - If you've authenticated an account via the Azure CLI {@code az login} command, the
 * DefaultAzureCredential will authenticate with that account.
 * 
{@link AzurePowerShellCredential} - If you've authenticated an account via the
 * Azure Power Shell {@code Az Login}
 * command, the DefaultAzureCredential will authenticate with that account.
 * 
Fails if none of the credentials above could be created.
 * 
 *
 * 
For more information refer to the
 * default azure credential authentication
 * docs.
 *
 * 
Configure DefaultAzureCredential
 *
 * 
DefaultAzureCredential supports a set of configurations through setters on the
 * {@link DefaultAzureCredentialBuilder} or environment variables.
 *
 * 

 *     
Setting the environment variables {@code AZURE_CLIENT_ID},
 *     {@code AZURE_CLIENT_SECRET/AZURE_CLIENT_CERTIFICATE_PATH}, and {@code AZURE_TENANT_ID} configures the
 *     DefaultAzureCredential to authenticate as the service principal specified by the values.
 *     
Setting {@link DefaultAzureCredentialBuilder#managedIdentityClientId(String)} on the builder or the
 *     environment variable AZURE_CLIENT_ID configures the DefaultAzureCredential to authenticate as a user-defined
 *     managed identity, while leaving them empty configures it to authenticate as a system-assigned managed identity.
 *     
 *     
Setting {@link DefaultAzureCredentialBuilder#tenantId(String)} on the builder or the environment
 *     variable {@code AZURE_TENANT_ID} configures the DefaultAzureCredential to authenticate to a specific tenant for
 *     Visual Studio Code, and IntelliJ IDEA.
 * 
 *
 * 
Sample: Construct DefaultAzureCredential
 *
 * 
The following code sample demonstrates the creation of a DefaultAzureCredential, using
 * the {@link com.azure.identity.DefaultAzureCredentialBuilder} to configure it. Once this credential is created, it
 * may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.
 *
 * 
 * 
 * TokenCredential defaultAzureCredential = new DefaultAzureCredentialBuilder()
 *     .build();
 * 
 * 
 *
 * 
Sample: Construct DefaultAzureCredential with User Assigned Managed Identity 
 *
 * 
User-Assigned Managed Identity (UAMI) in Azure is a feature that allows you to create an identity in
 * Microsoft Entra ID that is
 * associated with one or more Azure resources. This identity can then be used to authenticate and
 * authorize access to various Azure services and resources. The following code sample demonstrates the creation of
 * a DefaultAzureCredential to target a user assigned managed identity, using the
 * {@link com.azure.identity.DefaultAzureCredentialBuilder} to configure it. Once this credential is created, it
 * may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.
 *
 * 
 * 
 * TokenCredential dacWithUserAssignedManagedIdentity = new DefaultAzureCredentialBuilder()
 *     .managedIdentityClientId("<Managed-Identity-Client-Id")
 *     .build();
 * 
 * 
 *
 * @see com.azure.identity
 * @see DefaultAzureCredentialBuilder
 * @see ManagedIdentityCredential
 * @see EnvironmentCredential
 * @see ClientSecretCredential
 * @see ClientCertificateCredential
 * @see UsernamePasswordCredential
 * @see AzureCliCredential
 * @see IntelliJCredential
 */
@Immutable
public final class DefaultAzureCredential extends ChainedTokenCredential {
    /**
     * Creates default DefaultAzureCredential instance to use.
     *
     * @param tokenCredentials the list of credentials to execute for authentication.
     */
    DefaultAzureCredential(List tokenCredentials) {
        super(tokenCredentials);
        this.enableUseCachedWorkingCredential();
    }
}