AbstractConfidentialClientAcquireTokenParameterBuilderExtension.WithAttributeTokens<T> Method

Definition

Namespace:: Microsoft.Identity.Client.Extensibility

Assembly:: Microsoft.Identity.Client.dll

Package:: Microsoft.Identity.Client v4.84.2

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Sends attributeTokens as the attribute_tokens body parameter and includes them in the cache key. Null/empty/whitespace entries are ignored; a null or empty collection is a no-op.

public static T WithAttributeTokens<T>(this Microsoft.Identity.Client.AbstractConfidentialClientAcquireTokenParameterBuilder<T> builder, System.Collections.Generic.IEnumerable<string> attributeTokens) where T : Microsoft.Identity.Client.AbstractConfidentialClientAcquireTokenParameterBuilder<T>;

static member WithAttributeTokens : Microsoft.Identity.Client.AbstractConfidentialClientAcquireTokenParameterBuilder<'T (requires 'T :> Microsoft.Identity.Client.AbstractConfidentialClientAcquireTokenParameterBuilder<'T>)> * seq<string> -> 'T (requires 'T :> Microsoft.Identity.Client.AbstractConfidentialClientAcquireTokenParameterBuilder<'T>)

<Extension()>
Public Function WithAttributeTokens(Of T As AbstractConfidentialClientAcquireTokenParameterBuilder(Of T)) (builder As AbstractConfidentialClientAcquireTokenParameterBuilder(Of T), attributeTokens As IEnumerable(Of String)) As T

Type Parameters

T

The concrete confidential client builder type.

Parameters

builder: AbstractConfidentialClientAcquireTokenParameterBuilder<T>

The builder to chain options to.

attributeTokens: IEnumerable<String>

Attribute tokens to include. Individual tokens must not contain whitespace.

Returns

The builder to chain method calls.

Exceptions

ArgumentException

Thrown when any token contains embedded whitespace.

MsalClientException

Thrown when the application was not configured to allow experimental features (this method transitively calls WithExtraBodyParameters<T>(AbstractConfidentialClientAcquireTokenParameterBuilder<T>, Dictionary<String,Func<CancellationToken,Task<String>>>), which requires experimental features to be enabled via WithExperimentalFeatures() on the application builder).

Remarks

For AcquireTokenForClient the attribute_tokens set is part of the cache partition key, so different sets are fully isolated.

For AcquireTokenOnBehalfOf the partition key is the user assertion hash; the attribute_tokens set is stored as an item-level cache component within that partition. Multiple variants for the same assertion coexist and are disambiguated on read only when the caller supplies the same WithAttributeTokens set. Mixing attributed and non-attributed reads against the same user assertion can return unintended cache entries or fail with multiple_matching_tokens_detected. Be consistent: if you used WithAttributeTokens on a write, use it on every subsequent read for that assertion. Callers that require strict per-set cache isolation across different attribute-token sets should use separate IConfidentialClientApplication instances.

Applies to

Feedback

Was this page helpful?