Options
All
  • Public
  • Public/Protected
  • All
Menu

The PublicClientApplication class is the object exposed by the library to perform authentication and authorization functions in Single Page Applications to obtain JWT tokens as described in the OAuth 2.0 Authorization Code Flow with PKCE specification.

Hierarchy

  • ClientApplication
    • PublicClientApplication

Implements

Index

Constructors

constructor

Methods

acquireTokenPopup

acquireTokenRedirect

  • Use when you want to obtain an access_token for your API by redirecting the user's browser window to the authorization endpoint. This function redirects the page, so any code that follows this function will not execute.

    IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.

    Parameters

    Returns Promise<void>

acquireTokenSilent

addEventCallback

disableAccountStorageEvents

  • disableAccountStorageEvents(): void

enableAccountStorageEvents

  • enableAccountStorageEvents(): void

getAccountByHomeId

  • getAccountByHomeId(homeAccountId: string): AccountInfo

getAccountByLocalId

  • getAccountByLocalId(localAccountId: string): AccountInfo

getAccountByUsername

  • Returns the signed in account matching username. (the account object is created at the time of successful login) or null when no matching account is found. This API is provided for convenience but getAccountById should be used for best reliability

    Parameters

    • userName: string

    Returns AccountInfo

    The account object stored in MSAL

getActiveAccount

getAllAccounts

getConfiguration

getLogger

getTokenCache

  • getTokenCache(): ITokenCache

handleRedirectPromise

  • Event handler function which allows users to fire events after the PublicClientApplication object has loaded during redirect flows. This should be invoked on all page loads involved in redirect auth flows.

    Parameters

    • Optional hash: string

      Hash to process. Defaults to the current value of window.location.hash. Only needs to be provided explicitly if the response to be handled is not contained in the current value.

    Returns Promise<AuthenticationResult>

    Token response or null. If the return value is null, then no auth redirect was detected.

initializeWrapperLibrary

  • initializeWrapperLibrary(sku: WrapperSKU, version: string): void

loginPopup

loginRedirect

  • Use when initiating the login process by redirecting the user's browser to the authorization endpoint. This function redirects the page, so any code that follows this function will not execute.

    IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.

    Parameters

    Returns Promise<void>

logout

logoutPopup

logoutRedirect

removeEventCallback

  • removeEventCallback(callbackId: string): void

setActiveAccount

setLogger

  • setLogger(logger: Logger): void

setNavigationClient

ssoSilent

  • ssoSilent(request: Partial<Pick<CommonAuthorizationUrlRequest, "resourceRequestMethod" | "resourceRequestUri" | "shrClaims" | "shrNonce" | "claims" | "scopes" | "authority" | "correlationId" | "authenticationScheme" | "sshJwk" | "sshKid" | "redirectUri" | "account" | "domainHint" | "extraQueryParameters" | "tokenQueryParameters" | "extraScopesToConsent" | "loginHint" | "nonce" | "prompt" | "sid" | "state">>): Promise<AuthenticationResult>
  • This function uses a hidden iframe to fetch an authorization code from the eSTS. There are cases where this may not work:

    • Any browser using a form of Intelligent Tracking Prevention
    • If there is not an established session with the service

    In these cases, the request must be done inside a popup or full frame redirect.

    For the cases where interaction is required, you cannot send a request with prompt=none.

    If your refresh token has expired, you can use this function to fetch a new set of tokens silently as long as you session on the server still exists.

    Parameters

    • request: Partial<Pick<CommonAuthorizationUrlRequest, "resourceRequestMethod" | "resourceRequestUri" | "shrClaims" | "shrNonce" | "claims" | "scopes" | "authority" | "correlationId" | "authenticationScheme" | "sshJwk" | "sshKid" | "redirectUri" | "account" | "domainHint" | "extraQueryParameters" | "tokenQueryParameters" | "extraScopesToConsent" | "loginHint" | "nonce" | "prompt" | "sid" | "state">>

    Returns Promise<AuthenticationResult>

    A promise that is fulfilled when this function has completed, or rejected if an error was raised.

Generated using TypeDoc