### YamlMime:JavaType
uid: "com.azure.identity.DeviceCodeCredential"
fullName: "com.azure.identity.DeviceCodeCredential"
name: "DeviceCodeCredential"
nameWithType: "DeviceCodeCredential"
summary: "Device code authentication is a type of authentication flow offered by [Microsoft Entra ID][] that allows users to sign in to applications on devices that don't have a web browser or a keyboard.\n\n\n[Microsoft Entra ID]: https://learn.microsoft.com/entra/fundamentals/"
inheritances:
- "<xref href=\"java.lang.Object?displayProperty=fullName\" data-throw-if-not-resolved=\"False\" />"
inheritedClassMethods:
- classRef: "java.lang.<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html\">Object</a>"
  methodsRef:
  - "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#clone--\">clone</a>"
  - "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#equals-java.lang.Object-\">equals</a>"
  - "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#finalize--\">finalize</a>"
  - "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#getClass--\">getClass</a>"
  - "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#hashCode--\">hashCode</a>"
  - "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#notify--\">notify</a>"
  - "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#notifyAll--\">notifyAll</a>"
  - "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#toString--\">toString</a>"
  - "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait--\">wait</a>"
  - "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait-long-\">wait</a>"
  - "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait-long-int-\">wait</a>"
syntax: "public class **DeviceCodeCredential**</br> implements <xref href=\"com.azure.core.credential.TokenCredential?alt=com.azure.core.credential.TokenCredential&text=TokenCredential\" data-throw-if-not-resolved=\"False\" />"
methods:
- uid: "com.azure.identity.DeviceCodeCredential.authenticate()"
  fullName: "com.azure.identity.DeviceCodeCredential.authenticate()"
  name: "authenticate()"
  nameWithType: "DeviceCodeCredential.authenticate()"
  summary: "Authenticates a user via the device code flow."
  syntax: "public Mono<AuthenticationRecord> authenticate()"
  desc: "Authenticates a user via the device code flow.\n\nThe credential acquires a verification URL and code from the Microsoft Entra ID. The user must browse to the URL, enter the code, and authenticate with Microsoft Entra ID. If the user authenticates successfully, the credential receives an access token. This method will always generate a challenge to the user."
  returns:
    description: "The <xref uid=\"com.azure.identity.AuthenticationRecord\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AuthenticationRecord\"></xref> which can be used to silently authenticate the account\n on future execution if persistent caching was configured via\n <xref uid=\"com.azure.identity.DeviceCodeCredentialBuilder.tokenCachePersistenceOptions(com.azure.identity.TokenCachePersistenceOptions)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"DeviceCodeCredentialBuilder#tokenCachePersistenceOptions(TokenCachePersistenceOptions)\"></xref>\n when credential was instantiated."
    type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.identity.AuthenticationRecord?alt=com.azure.identity.AuthenticationRecord&text=AuthenticationRecord\" data-throw-if-not-resolved=\"False\" />&gt;"
- uid: "com.azure.identity.DeviceCodeCredential.authenticate(com.azure.core.credential.TokenRequestContext)"
  fullName: "com.azure.identity.DeviceCodeCredential.authenticate(TokenRequestContext request)"
  name: "authenticate(TokenRequestContext request)"
  nameWithType: "DeviceCodeCredential.authenticate(TokenRequestContext request)"
  summary: "Authenticates a user via the device code flow."
  parameters:
  - description: "The details of the authentication request."
    name: "request"
    type: "<xref href=\"com.azure.core.credential.TokenRequestContext?alt=com.azure.core.credential.TokenRequestContext&text=TokenRequestContext\" data-throw-if-not-resolved=\"False\" />"
  syntax: "public Mono<AuthenticationRecord> authenticate(TokenRequestContext request)"
  desc: "Authenticates a user via the device code flow.\n\nThe credential acquires a verification URL and code from the Microsoft Entra ID. The user must browse to the URL, enter the code, and authenticate with Microsoft Entra ID. If the user authenticates successfully, the credential receives an access token. This method will always generate a challenge to the user."
  returns:
    description: "The <xref uid=\"com.azure.identity.AuthenticationRecord\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AuthenticationRecord\"></xref> which can be used to silently authenticate the account\n on future execution if persistent caching was configured via\n <xref uid=\"com.azure.identity.DeviceCodeCredentialBuilder.tokenCachePersistenceOptions(com.azure.identity.TokenCachePersistenceOptions)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"DeviceCodeCredentialBuilder#tokenCachePersistenceOptions(TokenCachePersistenceOptions)\"></xref>\n when credential was instantiated."
    type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.identity.AuthenticationRecord?alt=com.azure.identity.AuthenticationRecord&text=AuthenticationRecord\" data-throw-if-not-resolved=\"False\" />&gt;"
- uid: "com.azure.identity.DeviceCodeCredential.getToken(com.azure.core.credential.TokenRequestContext)"
  fullName: "com.azure.identity.DeviceCodeCredential.getToken(TokenRequestContext request)"
  name: "getToken(TokenRequestContext request)"
  nameWithType: "DeviceCodeCredential.getToken(TokenRequestContext request)"
  parameters:
  - name: "request"
    type: "<xref href=\"com.azure.core.credential.TokenRequestContext?alt=com.azure.core.credential.TokenRequestContext&text=TokenRequestContext\" data-throw-if-not-resolved=\"False\" />"
  syntax: "public Mono<AccessToken> getToken(TokenRequestContext request)"
  returns:
    type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.core.credential.AccessToken?alt=com.azure.core.credential.AccessToken&text=AccessToken\" data-throw-if-not-resolved=\"False\" />&gt;"
- uid: "com.azure.identity.DeviceCodeCredential.getTokenSync(com.azure.core.credential.TokenRequestContext)"
  fullName: "com.azure.identity.DeviceCodeCredential.getTokenSync(TokenRequestContext request)"
  name: "getTokenSync(TokenRequestContext request)"
  nameWithType: "DeviceCodeCredential.getTokenSync(TokenRequestContext request)"
  parameters:
  - name: "request"
    type: "<xref href=\"com.azure.core.credential.TokenRequestContext?alt=com.azure.core.credential.TokenRequestContext&text=TokenRequestContext\" data-throw-if-not-resolved=\"False\" />"
  syntax: "public AccessToken getTokenSync(TokenRequestContext request)"
  returns:
    type: "<xref href=\"com.azure.core.credential.AccessToken?alt=com.azure.core.credential.AccessToken&text=AccessToken\" data-throw-if-not-resolved=\"False\" />"
type: "class"
desc: "Device code authentication is a type of authentication flow offered by [Microsoft Entra ID][] that allows users to sign in to applications on devices that don't have a web browser or a keyboard. This authentication method is particularly useful for devices such as smart TVs, gaming consoles, and Internet of Things (IoT) devices that may not have the capability to enter a username and password. With device code authentication, the user is presented with a device code on the device that needs to be authenticated. The user then navigates to a web browser on a separate device and enters the code on the Microsoft sign-in page. After the user enters the code, Microsoft Entra ID verifies it and prompts the user to sign in with their credentials, such as a username and password or a multi-factor authentication (MFA) method. Device code authentication can be initiated using various Microsoft Entra-supported protocols, such as OAuth 2.0 and OpenID Connect, and it can be used with a wide range of Microsoft Entra-integrated applications. The DeviceCodeCredential interactively authenticates a user and acquires a token on devices with limited UI. It works by prompting the user to visit a login URL on a browser-enabled machine when the application attempts to authenticate. The user then enters the device code mentioned in the instructions along with their login credentials. Upon successful authentication, the application that requested authentication gets authenticated successfully on the device it's running on. For more information refer to the [device code authentication documentation][].\n\n**Required configuration:**\n\nTo authenticate a user through device code flow, use the following steps:\n\n1.  Go to Microsoft Entra ID in Azure portal and find your app registration.\n2.  Navigate to the Authentication section.\n3.  Under Suggested Redirected URIs, check the URI that ends with /common/oauth2/nativeclient.\n4.  Under Default Client Type, select yes for Treat application as a public client.\n\nThese steps will let the application authenticate, but it still won't have permission to log you into Active Directory, or access resources on your behalf. To address this issue, navigate to API Permissions, and enable Microsoft Graph and the resources you want to access, such as Azure Service Management, Key Vault, and so on. You also need to be the admin of your tenant to grant consent to your application when you log in for the first time. If you can't configure the device code flow option on your Active Directory, then it may require your app to be multi- tenant. To make your app multi-tenant, navigate to the Authentication panel, then select Accounts in any organizational directory. Then, select yes for Treat application as Public Client.\n\n**Sample: Construct DeviceCodeCredential**\n\nThe following code sample demonstrates the creation of a <xref uid=\"com.azure.identity.DeviceCodeCredential\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.identity.DeviceCodeCredential\"></xref>, using the <xref uid=\"com.azure.identity.DeviceCodeCredentialBuilder\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.identity.DeviceCodeCredentialBuilder\"></xref> to configure it. By default, the credential prints the device code challenge on the command line, to override that behaviours a `challengeConsumer` can be optionally specified on the <xref uid=\"com.azure.identity.DeviceCodeCredentialBuilder\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.identity.DeviceCodeCredentialBuilder\"></xref>. Once this credential is created, it may be passed into the builder of many of the Azure SDK for Java client builders as the 'credential' parameter.\n\n```java\nTokenCredential deviceCodeCredential = new DeviceCodeCredentialBuilder()\n     .build();\n```\n\n\n[Microsoft Entra ID]: https://learn.microsoft.com/entra/fundamentals/\n[device code authentication documentation]: https://aka.ms/azsdk/java/identity/devicecodecredential/docs"
implements:
- "<xref href=\"com.azure.core.credential.TokenCredential?alt=com.azure.core.credential.TokenCredential&text=TokenCredential\" data-throw-if-not-resolved=\"False\" />"
metadata: {}
package: "com.azure.identity"
artifact: com.azure:azure-identity:1.13.3