summary:"Fluent credential builder for instantiating a <xref uid=\"com.azure.identity.ClientAssertionCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredential\"></xref>."
summary:"Creates a new <xref uid=\"com.azure.identity.ClientAssertionCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredential\"></xref> with the current configurations."
syntax:"public ClientAssertionCredential build()"
desc:"Creates a new <xref uid=\"com.azure.identity.ClientAssertionCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredential\"></xref> with the current configurations."
returns:
description:"a <xref uid=\"com.azure.identity.ClientAssertionCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredential\"></xref> with the current configurations."
desc:"Configures the persistent shared token cache options and enables the persistent token cache which is disabled by default. If configured, the credential will store tokens in a cache persisted to the machine, protected to the current user, which can be shared by other credentials and processes."
returns:
description:"An updated instance of this builder with the token cache options configured."
desc:"Fluent credential builder for instantiating a <xref uid=\"com.azure.identity.ClientAssertionCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredential\"></xref>.\n\nThe <xref uid=\"com.azure.identity.ClientAssertionCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredential\"></xref> acquires a token via client assertion and service principal authentication. This authentication method provides a secure and scalable way for client applications to access Azure resources without the need for users to provide their credentials. It is often used in scenarios where a client application needs to access Azure resources on behalf of a user, such as in a multi-tier application architecture. In this authentication method, the client application creates a JSON Web Token (JWT) that includes information about the service principal (such as its client ID and tenant ID) and signs it using a client secret. The client then sends this token to [Microsoft Entra ID][] as proof of its identity. Microsoft Entra ID verifies the token signature and checks that the service principal has the necessary permissions to access the requested Azure resource. If the token is valid and the service principal is authorized, Microsoft Entra ID issues an access token that the client application can use to access the requested resource. The <xref uid=\"com.azure.identity.ClientAssertionCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredential\"></xref> acquires an access token with a client client assertion for a service principal/registered Microsoft Entra application. The tenantId, clientId and clientAssertion of the service principal are required for this credential to acquire an access token. It can be used both in Azure hosted and local development environments for authentication.\n\n**Sample: Construct a simple ClientAssertionCredential**\n\nThe following code sample demonstrates the creation of a <xref uid=\"com.azure.identity.ClientAssertionCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredential\"></xref>, using the <xref uid=\"com.azure.identity.ClientAssertionCredentialBuilder\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredentialBuilder\"></xref> to configure it. The `tenantId`, `clientId` and `certificate` parameters are required to create <xref uid=\"com.azure.identity.ClientAssertionCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredential\"></xref>. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.\n\n```java\nTokenCredential clientAssertionCredential = new ClientAssertionCredentialBuilder().tenantId(tenantId)\n .clientId(clientId)\n .clientAssertion(() -> \"<Client-Assertion>\")\n .build();\n```\n\n**Sample: Construct a ClientAssertionCredential behind a proxy**\n\nThe following code sample demonstrates the creation of a <xref uid=\"com.azure.identity.ClientAssertionCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredential\"></xref>, using the <xref uid=\"com.azure.identity.ClientAssertionCredentialBuilder\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredentialBuilder\"></xref> to configure it. The `tenantId`, `clientId` and `clientAssertion` parameters are required to create <xref uid=\"com.azure.identity.ClientAssertionCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"ClientAssertionCredential\"></xref>. THe `proxyOptions` can be optionally configured to target a proxy. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.\n\n```java\nTokenCredential assertionCredential = new ClientAssertionCredentialBuilder().tenantId(tenantId)\n .clientId(clientId)\n .clientAssertion(() -> \"<Client-Assertion>\")\n .proxyOptions(new ProxyOptions(Type.HTTP