Package com.azure.core.credential
Azure Core Credential library is designed to simplify the process of authenticating and authorizing access to Azure services from Java applications. The SDK provides a set of classes and methods that handle authentication and credential management, allowing developers to securely connect to Azure services without dealing with the low-level details of authentication protocols.
The library provides a unified way to obtain credentials for various Azure authentication mechanisms, such as Azure Active Directory (AAD), shared access signatures, and API keys. It abstracts the complexities of authentication and provides a consistent programming model for accessing Azure services.
By using the library, users can easily integrate Azure authentication into their applications, retrieve the required credentials based on the desired authentication method, and use those credentials to authenticate requests to Azure services like Azure Storage, Azure Key Vault, Azure Service Bus, and more.
The library offers several authentication types for authenticating with Azure services. Here are some of the authentication mechanisms supported by the library:
- Azure Active Directory (AAD) Authentication
- Shared Access Signature (SAS) Authentication
- Key Based Authentication
Azure Active Directory (AAD) Authentication
This type of authentication allows you to authenticate using Azure Active Directory and obtain a token to access
Azure resources. You can authenticate with AAD using client secrets, client certificates, or user credentials.
The library offers TokenCredential
interface which is accepted as an argument
on the client builders in Azure SDKs where AAD authentication is supported.
You can refer to and include our
Azure Identity
library in your application as it offers pluggable implementation of
TokenCredential
for various AAD based authentication mechanism including
service principal, managed identity, and more.
Shared Access Signature (SAS) Authentication
Shared Access Signatures enable you to grant time-limited access to Azure resources. The library offers
AzureSasCredential
which allows you to authenticate using a shared access
signature, which is a string-based token that grants access to specific resources for a specific period.
Sample: Azure SAS Authentication
The following code sample demonstrates the creation of a AzureSasCredential
,
using the sas token to configure it.
AzureSasCredential azureSasCredential = new AzureSasCredential("AZURE-SERVICE-SAS-KEY");
Key Based Authentication
A key is a unique identifier or token that is associated with a specific user or application. It serves as a
simple form of authentication to ensure that only authorized clients can access the protected resources or APIs.
This authentication is commonly used for accessing certain services, such as Azure Cognitive Services, Azure Search,
or Azure Management APIs. Each service may have its own specific way of using API keys, but the general concept
remains the same. The library offers AzureKeyCredential
and
AzureNamedKeyCredential
which can allows you to authenticate using a key.
Sample: Azure Key Authentication
The following code sample demonstrates the creation of a AzureKeyCredential
,
using the Azure service key to configure it.
AzureKeyCredential azureKeyCredential = new AzureKeyCredential("AZURE-SERVICE-KEY");
-
ClassDescriptionRepresents an immutable access token with a token string and an expiration time.The
AzureKeyCredential
is used to authenticate and authorize requests made to Azure services.Represents a credential bag containing the key and the name of the key.TheAzureNamedKeyCredential
is used to authenticate and authorize requests made to Azure services.Represents a credential that uses a shared access signature to authenticate to an Azure Service.TheBasicAuthenticationCredential
is used to authenticate and authorize requests made to Azure services using the Basic authentication scheme.Represents a credential that uses a key to authenticate.The Simple Token Cache offers a basic in-memory token caching mechanism.Token Credential interface serves as a fundamental component for managing and providing access tokens required for Azure Active Directory (Azure AD) authentication when making requests to Azure services.TheTokenRequestContext
is a class used to provide additional information and context when requesting an access token from an authentication source.