Azure SDK for Java Reference Documentation
Azure Identity Brokered Authentication client library for Java
The Azure Identity Brokered Authentication library extends the Azure Identity library to provide brokered authentication support. This options class can be used to create an InteractiveBrowserCredential capable of using the system authentication broker in lieu of the web browser when available.
Source code | API reference documentation | Microsoft Entra ID documentation
Getting started
Include the package
Include the BOM file
Include the azure-sdk-bom in your project to take a dependency on the stable version of the library. In the following snippet, replace the {bom_version_to_target} placeholder with the version number. To learn more about the BOM, see the Azure SDK BOM README.
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-sdk-bom</artifactId>
<version>{bom_version_to_target}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
Then include the direct dependency in the dependencies section without the version tag:
<dependencies>
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-identity-broker</artifactId>
</dependency>
</dependencies>
Include direct dependency
To take dependency on a particular version of the library that isn't present in the BOM, add the direct dependency to your project as follows:
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-identity-broker</artifactId>
<version>1.0.0-beta.1</version>
</dependency>
Prerequisites
- A Java Development Kit (JDK), version 8 or later.
- An Azure subscription.
- The Azure CLI can also be useful for authenticating in a development environment, creating accounts, and managing account roles.
Key concepts
Examples
Configure the InteractiveBrowserCredential to use the system authentication broker for Windows
long windowHandle = getWindowHandle(); // Samples below
InteractiveBrowserCredential cred = new InteractiveBrowserBrokerCredentialBuilder()
.setWindowHandle(windowHandle)
.build();
Obtain a window handle
JavaFX
This code will obtain the window handle for a JavaFX application for use with InteractiveBrowserCredentialBuilder:
public long getWindowHandle(Stage stage) {
try {
WinDef.HWND hwnd = User32.INSTANCE.FindWindow(null, stage.getTitle());
return Pointer.nativeValue(hwnd.getPointer());
} catch (Exception e) {
// Handle exceptions in an appropriate manner for your application.
// Not being able to retrieve a window handle for Windows is a fatal error.
throw e;
}
}
Troubleshooting
Credentials raise exceptions when they fail to authenticate or can't execute authentication. When credentials fail to authenticate a ClientAuthenticationException is raised. The exception has a message attribute, which describes why authentication failed. When this exception is raised by ChainedTokenCredential, the chained execution of underlying list of credentials is stopped.
When credentials can't execute authentication due to one of the underlying resources required by the credential being unavailable on the machine a CredentialUnavailableException is raised. The exception has a message attribute that describes why the credential is unavailable for authentication execution. When this exception is raised by ChainedTokenCredential, the message collects error messages from each credential in the chain.
See the troubleshooting guide for details on how to diagnose various failure scenarios.
Next steps
These Java client libraries support authenticating with TokenCredential and the Azure Identity library. To learn more about using these client libraries, see the aforementioned link.
The microsoft-graph-sdk also supports authenticating with TokenCredential and the Azure Identity library.
Contributing
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
```