CustomAuthPublicClientApplication class
- Extends
-
PublicClientApplication
Methods
| create(Custom |
Creates a new instance of a PublicClientApplication with the given configuration and controller to start Native authentication flows |
| get |
Gets the current account from the browser cache. |
| reset |
Initiates the reset password flow. This method results in triggering extra action (submit code) to complete the reset password. Create result with error details if any exception thrown. |
| sign |
Initiates the sign-in flow. This method results in sign-in completion, or extra actions (password, code, etc.) required to complete the sign-in. Create result with error details if any exception thrown. |
| sign |
Initiates the sign-up flow. This method results in sign-up completion, or extra actions (password, code, etc.) required to complete the sign-up. Create result with error details if any exception thrown. |
Inherited Methods
| acquire |
This function redeems an authorization code (passed as code) from the eSTS token endpoint. This authorization code should be acquired server-side using a confidential client to acquire a spa_code. This API is not indended for normal authorization code acquisition and redemption. Redemption of this authorization code will not require PKCE, as it was acquired by a confidential client. |
| acquire |
Use when you want to obtain an access_token for your API via opening a popup window in the user's browser |
| acquire |
Use when you want to obtain an access_token for your API by redirecting the user's browser window to the authorization endpoint. This function redirects the page, so any code that follows this function will not execute. IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function. |
| acquire |
Silently acquire an access token for a given set of scopes. Returns currently processing promise if parallel requests are made. |
| add |
Adds event callbacks to array |
| add |
Registers a callback to receive performance events. |
| clear |
Clears tokens and account from the browser cache. |
| create |
Creates StandardController and passes it to the PublicClientApplication |
| disable |
Removes event listener that emits an event when a user account is added or removed from localstorage in a different browser tab or window |
| enable |
Adds event listener that emits an event when a user account is added or removed from localstorage in a different browser tab or window |
| get |
Returns the first account found in the cache that matches the account filter passed in. |
| get |
Returns the signed in account matching homeAccountId. (the account object is created at the time of successful login) or null when no matching account is found |
| get |
Returns the signed in account matching localAccountId. (the account object is created at the time of successful login) or null when no matching account is found |
| get |
Returns the signed in account matching username. (the account object is created at the time of successful login) or null when no matching account is found. This API is provided for convenience but getAccountById should be used for best reliability |
| get |
Gets the currently active account |
| get |
Returns all the accounts in the cache that match the optional filter. If no filter is provided, all accounts are returned. |
| get |
Returns the logger instance |
| get |
Gets the token cache for the application. |
| handle |
Event handler function which allows users to fire events after the PublicClientApplication object has loaded during redirect flows. This should be invoked on all page loads involved in redirect auth flows. |
| hydrate |
Hydrates cache with the tokens and account in the AuthenticationResult object |
| initialize(Initialize |
Initializer function to perform async startup tasks such as connecting to WAM extension |
| initialize |
Called by wrapper libraries (Angular & React) to set SKU and Version passed down to telemetry, logger, etc. |
| login |
Use when initiating the login process via opening a popup window in the user's browser |
| login |
Use when initiating the login process by redirecting the user's browser to the authorization endpoint. This function redirects the page, so any code that follows this function will not execute. IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function. |
| logout(End |
Deprecated logout function. Use logoutRedirect or logoutPopup instead |
| logout |
Clears local cache for the current user then opens a popup window prompting the user to sign-out of the server |
| logout |
Use to log out the current user, and redirect the user to the postLogoutRedirectUri.
Default behaviour is to redirect the user to |
| remove |
Removes callback with provided id from callback array |
| remove |
Removes a callback registered with addPerformanceCallback. |
| set |
Sets the account to use as the active account. If no account is passed to the acquireToken APIs, then MSAL will use this active account. |
| set |
Replaces the default logger set in configurations with new Logger with new configurations |
| set |
Sets navigation client |
| sso |
This function uses a hidden iframe to fetch an authorization code from the eSTS. There are cases where this may not work:
In these cases, the request must be done inside a popup or full frame redirect. For the cases where interaction is required, you cannot send a request with prompt=none. If your refresh token has expired, you can use this function to fetch a new set of tokens silently as long as you session on the server still exists. |
Method Details
create(CustomAuthConfiguration)
Creates a new instance of a PublicClientApplication with the given configuration and controller to start Native authentication flows
static function create(config: CustomAuthConfiguration): Promise<ICustomAuthPublicClientApplication>Parameters
- config
- CustomAuthConfiguration
A configuration object for the PublicClientApplication instance
Returns
Promise<ICustomAuthPublicClientApplication>
- A promise that resolves to a CustomAuthPublicClientApplication instance
getCurrentAccount(CustomAuthActionInputs)
Gets the current account from the browser cache.
function getCurrentAccount(accountRetrievalInputs?: CustomAuthActionInputs): GetAccountResultParameters
- accountRetrievalInputs
-
CustomAuthActionInputs
Returns
- The result of the get account operation
resetPassword(ResetPasswordInputs)
Initiates the reset password flow. This method results in triggering extra action (submit code) to complete the reset password. Create result with error details if any exception thrown.
function resetPassword(resetPasswordInputs: ResetPasswordInputs): Promise<ResetPasswordStartResult>Parameters
- resetPasswordInputs
- ResetPasswordInputs
Inputs for the reset password flow
Returns
Promise<ResetPasswordStartResult>
- A promise that resolves to ResetPasswordStartResult
signIn(SignInInputs)
Initiates the sign-in flow. This method results in sign-in completion, or extra actions (password, code, etc.) required to complete the sign-in. Create result with error details if any exception thrown.
function signIn(signInInputs: SignInInputs): Promise<SignInResult>Parameters
- signInInputs
- SignInInputs
Inputs for the sign-in flow
Returns
Promise<SignInResult>
- A promise that resolves to SignInResult
signUp(SignUpInputs)
Initiates the sign-up flow. This method results in sign-up completion, or extra actions (password, code, etc.) required to complete the sign-up. Create result with error details if any exception thrown.
function signUp(signUpInputs: SignUpInputs): Promise<SignUpResult>Parameters
- signUpInputs
- SignUpInputs
Returns
Promise<SignUpResult>
- A promise that resolves to SignUpResult
Inherited Method Details
acquireTokenByCode(AuthorizationCodeRequest)
This function redeems an authorization code (passed as code) from the eSTS token endpoint. This authorization code should be acquired server-side using a confidential client to acquire a spa_code. This API is not indended for normal authorization code acquisition and redemption.
Redemption of this authorization code will not require PKCE, as it was acquired by a confidential client.
function acquireTokenByCode(request: AuthorizationCodeRequest): Promise<AuthenticationResult>Parameters
- request
-
AuthorizationCodeRequest
Returns
Promise<AuthenticationResult>
A promise that is fulfilled when this function has completed, or rejected if an error was raised.
Inherited From PublicClientApplication.acquireTokenByCode
acquireTokenPopup(PopupRequest)
Use when you want to obtain an access_token for your API via opening a popup window in the user's browser
function acquireTokenPopup(request: PopupRequest): Promise<AuthenticationResult>Parameters
- request
-
PopupRequest
Returns
Promise<AuthenticationResult>
A promise that is fulfilled when this function has completed, or rejected if an error was raised.
Inherited From PublicClientApplication.acquireTokenPopup
acquireTokenRedirect(RedirectRequest)
Use when you want to obtain an access_token for your API by redirecting the user's browser window to the authorization endpoint. This function redirects the page, so any code that follows this function will not execute.
IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
function acquireTokenRedirect(request: RedirectRequest): Promise<void>Parameters
- request
-
RedirectRequest
Returns
Promise<void>
Inherited From PublicClientApplication.acquireTokenRedirect
acquireTokenSilent(SilentRequest)
Silently acquire an access token for a given set of scopes. Returns currently processing promise if parallel requests are made.
function acquireTokenSilent(silentRequest: SilentRequest): Promise<AuthenticationResult>Parameters
- silentRequest
-
SilentRequest
Returns
Promise<AuthenticationResult>
- a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the AuthenticationResult object
Inherited From PublicClientApplication.acquireTokenSilent
addEventCallback(EventCallbackFunction, EventType[])
Adds event callbacks to array
function addEventCallback(callback: EventCallbackFunction, eventTypes?: EventType[]): null | stringParameters
- callback
-
EventCallbackFunction
- eventTypes
-
EventType[]
Returns
null | string
Inherited From PublicClientApplication.addEventCallback
addPerformanceCallback(PerformanceCallbackFunction)
Registers a callback to receive performance events.
function addPerformanceCallback(callback: PerformanceCallbackFunction): stringParameters
- callback
- PerformanceCallbackFunction
Returns
string
Inherited From PublicClientApplication.addPerformanceCallback
clearCache(ClearCacheRequest)
Clears tokens and account from the browser cache.
function clearCache(logoutRequest?: ClearCacheRequest): Promise<void>Parameters
- logoutRequest
-
ClearCacheRequest
Returns
Promise<void>
Inherited From PublicClientApplication.clearCache
createPublicClientApplication(Configuration)
Creates StandardController and passes it to the PublicClientApplication
static function createPublicClientApplication(configuration: Configuration): Promise<IPublicClientApplication>Parameters
- configuration
-
Configuration
{Configuration}
Returns
Promise<IPublicClientApplication>
Inherited From PublicClientApplication.createPublicClientApplication
disableAccountStorageEvents()
Removes event listener that emits an event when a user account is added or removed from localstorage in a different browser tab or window
function disableAccountStorageEvents()Inherited From PublicClientApplication.disableAccountStorageEvents
enableAccountStorageEvents()
Adds event listener that emits an event when a user account is added or removed from localstorage in a different browser tab or window
function enableAccountStorageEvents()Inherited From PublicClientApplication.enableAccountStorageEvents
getAccount(AccountFilter)
Returns the first account found in the cache that matches the account filter passed in.
function getAccount(accountFilter: AccountFilter): null | AccountInfoParameters
- accountFilter
- @azure/msal-common.AccountFilter
Returns
null | AccountInfo
The first account found in the cache matching the provided filter or null if no account could be found.
Inherited From PublicClientApplication.getAccount
getAccountByHomeId(string)
Warning
This API is now deprecated.
- Use getAccount instead
Returns the signed in account matching homeAccountId. (the account object is created at the time of successful login) or null when no matching account is found
function getAccountByHomeId(homeAccountId: string): null | AccountInfoParameters
- homeAccountId
-
string
Returns
null | AccountInfo
The account object stored in MSAL
Inherited From PublicClientApplication.getAccountByHomeId
getAccountByLocalId(string)
Warning
This API is now deprecated.
- Use getAccount instead
Returns the signed in account matching localAccountId. (the account object is created at the time of successful login) or null when no matching account is found
function getAccountByLocalId(localId: string): null | AccountInfoParameters
- localId
-
string
Returns
null | AccountInfo
The account object stored in MSAL
Inherited From PublicClientApplication.getAccountByLocalId
getAccountByUsername(string)
Warning
This API is now deprecated.
- Use getAccount instead
Returns the signed in account matching username. (the account object is created at the time of successful login) or null when no matching account is found. This API is provided for convenience but getAccountById should be used for best reliability
function getAccountByUsername(userName: string): null | AccountInfoParameters
- userName
-
string
Returns
null | AccountInfo
The account object stored in MSAL
Inherited From PublicClientApplication.getAccountByUsername
getActiveAccount()
Gets the currently active account
function getActiveAccount(): null | AccountInfoReturns
null | AccountInfo
Inherited From PublicClientApplication.getActiveAccount
getAllAccounts(AccountFilter)
Returns all the accounts in the cache that match the optional filter. If no filter is provided, all accounts are returned.
function getAllAccounts(accountFilter?: AccountFilter): AccountInfo[]Parameters
- accountFilter
- @azure/msal-common.AccountFilter
(Optional) filter to narrow down the accounts returned
Returns
Array of AccountInfo objects in cache
Inherited From PublicClientApplication.getAllAccounts
getLogger()
Returns the logger instance
function getLogger(): LoggerReturns
Inherited From PublicClientApplication.getLogger
getTokenCache()
Gets the token cache for the application.
function getTokenCache(): ITokenCacheReturns
ITokenCache
Inherited From PublicClientApplication.getTokenCache
handleRedirectPromise(string)
Event handler function which allows users to fire events after the PublicClientApplication object has loaded during redirect flows. This should be invoked on all page loads involved in redirect auth flows.
function handleRedirectPromise(hash?: string): Promise<null | AuthenticationResult>Parameters
- hash
-
string
Hash to process. Defaults to the current value of window.location.hash. Only needs to be provided explicitly if the response to be handled is not contained in the current value.
Returns
Promise<null | AuthenticationResult>
Token response or null. If the return value is null, then no auth redirect was detected.
Inherited From PublicClientApplication.handleRedirectPromise
hydrateCache(AuthenticationResult, PopupRequest | RedirectRequest | SilentRequest | Partial<Omit<CommonAuthorizationUrlRequest, "responseMode" | "earJwk" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">>)
Hydrates cache with the tokens and account in the AuthenticationResult object
function hydrateCache(result: AuthenticationResult, request: PopupRequest | RedirectRequest | SilentRequest | Partial<Omit<CommonAuthorizationUrlRequest, "responseMode" | "earJwk" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">>): Promise<void>Parameters
- result
-
AuthenticationResult
- request
-
PopupRequest | RedirectRequest | SilentRequest | Partial<Omit<@azure/msal-common.CommonAuthorizationUrlRequest, "responseMode" | "earJwk" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">>
The request object that was used to obtain the AuthenticationResult
Returns
Promise<void>
Inherited From PublicClientApplication.hydrateCache
initialize(InitializeApplicationRequest)
Initializer function to perform async startup tasks such as connecting to WAM extension
function initialize(request?: InitializeApplicationRequest): Promise<void>Parameters
- request
-
InitializeApplicationRequest
{?InitializeApplicationRequest}
Returns
Promise<void>
Inherited From PublicClientApplication.initialize
initializeWrapperLibrary(WrapperSKU, string)
Called by wrapper libraries (Angular & React) to set SKU and Version passed down to telemetry, logger, etc.
function initializeWrapperLibrary(sku: WrapperSKU, version: string)Parameters
- sku
-
WrapperSKU
- version
-
string
Inherited From PublicClientApplication.initializeWrapperLibrary
loginPopup(PopupRequest)
Use when initiating the login process via opening a popup window in the user's browser
function loginPopup(request?: PopupRequest): Promise<AuthenticationResult>Parameters
- request
-
PopupRequest
Returns
Promise<AuthenticationResult>
A promise that is fulfilled when this function has completed, or rejected if an error was raised.
Inherited From PublicClientApplication.loginPopup
loginRedirect(RedirectRequest)
Use when initiating the login process by redirecting the user's browser to the authorization endpoint. This function redirects the page, so any code that follows this function will not execute.
IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
function loginRedirect(request?: RedirectRequest): Promise<void>Parameters
- request
-
RedirectRequest
Returns
Promise<void>
Inherited From PublicClientApplication.loginRedirect
logout(EndSessionRequest)
Warning
This API is now deprecated.
Deprecated logout function. Use logoutRedirect or logoutPopup instead
function logout(logoutRequest?: EndSessionRequest): Promise<void>Parameters
- logoutRequest
-
EndSessionRequest
Returns
Promise<void>
Inherited From PublicClientApplication.logout
logoutPopup(EndSessionPopupRequest)
Clears local cache for the current user then opens a popup window prompting the user to sign-out of the server
function logoutPopup(logoutRequest?: EndSessionPopupRequest): Promise<void>Parameters
- logoutRequest
-
EndSessionPopupRequest
Returns
Promise<void>
Inherited From PublicClientApplication.logoutPopup
logoutRedirect(EndSessionRequest)
Use to log out the current user, and redirect the user to the postLogoutRedirectUri.
Default behaviour is to redirect the user to window.location.href.
function logoutRedirect(logoutRequest?: EndSessionRequest): Promise<void>Parameters
- logoutRequest
-
EndSessionRequest
Returns
Promise<void>
Inherited From PublicClientApplication.logoutRedirect
removeEventCallback(string)
Removes callback with provided id from callback array
function removeEventCallback(callbackId: string)Parameters
- callbackId
-
string
Inherited From PublicClientApplication.removeEventCallback
removePerformanceCallback(string)
Removes a callback registered with addPerformanceCallback.
function removePerformanceCallback(callbackId: string): booleanParameters
- callbackId
-
string
Returns
boolean
Inherited From PublicClientApplication.removePerformanceCallback
setActiveAccount(null | AccountInfo)
Sets the account to use as the active account. If no account is passed to the acquireToken APIs, then MSAL will use this active account.
function setActiveAccount(account: null | AccountInfo)Parameters
- account
-
null | AccountInfo
Inherited From PublicClientApplication.setActiveAccount
setLogger(Logger)
Replaces the default logger set in configurations with new Logger with new configurations
function setLogger(logger: Logger)Parameters
- logger
- Logger
Logger instance
Inherited From PublicClientApplication.setLogger
setNavigationClient(INavigationClient)
Sets navigation client
function setNavigationClient(navigationClient: INavigationClient)Parameters
- navigationClient
-
INavigationClient
Inherited From PublicClientApplication.setNavigationClient
ssoSilent(Partial<Omit<CommonAuthorizationUrlRequest, "responseMode" | "earJwk" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">>)
This function uses a hidden iframe to fetch an authorization code from the eSTS. There are cases where this may not work:
- Any browser using a form of Intelligent Tracking Prevention
- If there is not an established session with the service
In these cases, the request must be done inside a popup or full frame redirect.
For the cases where interaction is required, you cannot send a request with prompt=none.
If your refresh token has expired, you can use this function to fetch a new set of tokens silently as long as you session on the server still exists.
function ssoSilent(request: Partial<Omit<CommonAuthorizationUrlRequest, "responseMode" | "earJwk" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">>): Promise<AuthenticationResult>Parameters
- request
-
Partial<Omit<@azure/msal-common.CommonAuthorizationUrlRequest, "responseMode" | "earJwk" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">>
Returns
Promise<AuthenticationResult>
A promise that is fulfilled when this function has completed, or rejected if an error was raised.
Inherited From PublicClientApplication.ssoSilent