Skip to main content

DeviceCodeCredentialProvider

  • Namespace: PPDS.Auth.Credentials
  • Assembly: PPDS.Auth
  • Kind: Class
  • Implements: ICredentialProvider, IDisposable

Summary

Provides authentication using device code flow. User visits a URL and enters a code to authenticate.

Members

Constructors

DeviceCodeCredentialProvider(CloudEnvironment cloud, string tenantId, string username, string homeAccountId, Action<DeviceCodeInfo> deviceCodeCallback)

DeviceCodeCredentialProvider(CloudEnvironment cloud, string tenantId, string username, string homeAccountId, Action<DeviceCodeInfo> deviceCodeCallback)

Creates a new device code credential provider.

  • Param cloud: The cloud environment.

  • Param tenantId: Optional tenant ID (defaults to "organizations" for multi-tenant).

  • Param username: Optional username for silent auth lookup.

  • Param homeAccountId: Optional MSAL home account identifier for precise account lookup.

  • Param deviceCodeCallback: Optional callback for displaying device code (defaults to console output).

Methods

CreateServiceClientAsync

Task<ServiceClient> CreateServiceClientAsync(string environmentUrl, CancellationToken cancellationToken, bool forceInteractive)

Creates an authenticated ServiceClient for the specified environment URL.

  • Param environmentUrl: The Dataverse environment URL.

  • Param cancellationToken: Cancellation token.

  • Param forceInteractive: If true, skip silent auth and prompt user directly. Use for profile creation.

  • Returns: An authenticated ServiceClient.

Dispose

void Dispose()

(inherited from System.IDisposable.Dispose)

FromProfile

DeviceCodeCredentialProvider FromProfile(AuthProfile profile, Action<DeviceCodeInfo> deviceCodeCallback)

Creates a provider from an auth profile.

  • Param profile: The auth profile.

  • Param deviceCodeCallback: Optional callback for displaying device code.

  • Returns: A new provider instance.

GetCachedTokenInfoAsync

Task<CachedTokenInfo> GetCachedTokenInfoAsync(string environmentUrl, CancellationToken cancellationToken)

Gets cached token information without triggering interactive authentication. Queries the MSAL token cache to determine current token state.

  • Param environmentUrl: The Dataverse environment URL to check token for.

  • Param cancellationToken: Cancellation token.

  • Returns: Token information if a valid cached token exists, null if token is expired or not cached.

Properties

AccessToken

string AccessToken { get; }

Gets the access token from the last authentication. Available after successful authentication. Used for extracting JWT claims.

AuthMethod

AuthMethod AuthMethod { get; }

Gets the authentication method this provider handles.

HomeAccountId

string HomeAccountId { get; }

Gets the MSAL home account identifier. Format: {objectId}.{tenantId} - uniquely identifies the account+tenant for token cache lookup. Available after successful authentication.

IdTokenClaims

ClaimsPrincipal IdTokenClaims { get; }

Gets the ID token claims from the last authentication (if available). The ID token typically contains user claims like country that aren't in the access token.

Identity

string Identity { get; }

Gets the identity string for display (e.g., username or app ID). Available after successful authentication.

ObjectId

string ObjectId { get; }

Gets the Entra Object ID (OID) from the authentication result. Available after successful authentication.

TenantId

string TenantId { get; }

Gets the tenant ID from the authentication result. Available after successful authentication.

TokenExpiresAt

Nullable<DateTimeOffset> TokenExpiresAt { get; }

Gets the token expiration time. Available after successful authentication.