Share via


AzureCliCredential Class

  • java.lang.Object
    • com.azure.identity.AzureCliCredential

Implements

public class AzureCliCredential
implements TokenCredential

The Azure CLI is a command-line tool that allows users to manage Azure resources from their local machine or terminal. It allows users to authenticate interactively as a user and/or a service principal against Microsoft Entra ID. The AzureCliCredential authenticates in a development environment and acquires a token on behalf of the logged-in user or service principal in Azure CLI. It acts as the Azure CLI logged in user or service principal and executes an Azure CLI command underneath to authenticate the application against Microsoft Entra ID.

Configure AzureCliCredential

To use this credential, the developer needs to authenticate locally in Azure CLI using one of the commands below:

  1. Run "az login" in Azure CLI to authenticate as a user.
  2. Run "az login --service-principal --username {client ID} --password {client secret} --tenant {tenant ID}" to authenticate as a service principal.

You may need to repeat this process after a certain time period, depending on the refresh token validity in your organization. Generally, the refresh token validity period is a few weeks to a few months. AzureCliCredential will prompt you to sign in again.

Claims Challenges

Claims challenges are not supported by AzureCliCredential. If a token request includes claims, a CredentialUnavailableException will be thrown with instructions to use the Azure CLI directly with the appropriate --claims-challenge parameter.

Sample: Construct AzureCliCredential

The following code sample demonstrates the creation of a AzureCliCredential, using the AzureCliCredentialBuilder to configure it. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.

TokenCredential azureCliCredential = new AzureCliCredentialBuilder().build();

Methods inherited from java.lang.Object

Method Details

getToken

public Mono<AccessToken> getToken(TokenRequestContext request)

Parameters:

request

getTokenSync

public AccessToken getTokenSync(TokenRequestContext request)

Parameters:

request

Applies to