Package com.azure.core.credential

package com.azure.core.credential

Azure Core Credential library is designed to simplify the process of authenticating and authorizing access to Azure services from Java applications. The SDK provides a set of classes and methods that handle authentication and credential management, allowing developers to securely connect to Azure services without dealing with the low-level details of authentication protocols.

The library provides a unified way to obtain credentials for various Azure authentication mechanisms, such as Azure Active Directory (AAD), shared access signatures, and API keys. It abstracts the complexities of authentication and provides a consistent programming model for accessing Azure services.

By using the library, users can easily integrate Azure authentication into their applications, retrieve the required credentials based on the desired authentication method, and use those credentials to authenticate requests to Azure services like Azure Storage, Azure Key Vault, Azure Service Bus, and more.

The library offers several authentication types for authenticating with Azure services. Here are some of the authentication mechanisms supported by the library:

  • Azure Active Directory (AAD) Authentication
  • Shared Access Signature (SAS) Authentication
  • Key Based Authentication

Azure Active Directory (AAD) Authentication

This type of authentication allows you to authenticate using Azure Active Directory and obtain a token to access Azure resources. You can authenticate with AAD using client secrets, client certificates, or user credentials. The library offers TokenCredential interface which is accepted as an argument on the client builders in Azure SDKs where AAD authentication is supported. You can refer to and include our Azure Identity library in your application as it offers pluggable implementation of TokenCredential for various AAD based authentication mechanism including service principal, managed identity, and more.


Shared Access Signature (SAS) Authentication

Shared Access Signatures enable you to grant time-limited access to Azure resources. The library offers AzureSasCredential which allows you to authenticate using a shared access signature, which is a string-based token that grants access to specific resources for a specific period.

Sample: Azure SAS Authentication

The following code sample demonstrates the creation of a AzureSasCredential, using the sas token to configure it.

 AzureSasCredential azureSasCredential =
     new AzureSasCredential("AZURE-SERVICE-SAS-KEY");

Key Based Authentication

A key is a unique identifier or token that is associated with a specific user or application. It serves as a simple form of authentication to ensure that only authorized clients can access the protected resources or APIs. This authentication is commonly used for accessing certain services, such as Azure Cognitive Services, Azure Search, or Azure Management APIs. Each service may have its own specific way of using API keys, but the general concept remains the same. The library offers AzureKeyCredential and AzureNamedKeyCredential which can allows you to authenticate using a key.

Sample: Azure Key Authentication

The following code sample demonstrates the creation of a AzureKeyCredential, using the Azure service key to configure it.

 AzureKeyCredential azureKeyCredential = new AzureKeyCredential("AZURE-SERVICE-KEY");
See Also: