pub trait TokenCredential: Send + Sync {
// Required method
fn get_token<'life0, 'async_trait>(
&'life0 self,
) -> Pin<Box<dyn Future<Output = Result<String>> + Send + 'async_trait>>
where Self: 'async_trait,
'life0: 'async_trait;
// Provided method
fn get_token_for_scope<'life0, 'life1, 'async_trait>(
&'life0 self,
_scope: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<String>> + Send + 'async_trait>>
where Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait { ... }
}Expand description
Supplies bearer tokens for Microsoft Entra ID authentication.
Implement this to integrate a real credential chain (e.g. the
AzureCliCredential,
ClientSecretCredential,
ManagedIdentityCredential, and
ChainedTokenCredential that ship with
this crate); StaticTokenCredential is provided for a fixed/pre-fetched
token (useful in tests, short-lived scripts, or when the caller manages
token refresh externally).
Most credentials are bound to a single configured scope (audience) and
get_token fetches a token for it. A caller that needs a
token for a different scope from the same credential uses
get_token_for_scope; the default
implementation ignores the scope and delegates to
get_token, which is correct for fixed-token credentials
but is overridden by the real credentials so each scope is fetched (and
cached) independently.
Required Methods§
Provided Methods§
Sourcefn get_token_for_scope<'life0, 'life1, 'async_trait>(
&'life0 self,
_scope: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<String>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
fn get_token_for_scope<'life0, 'life1, 'async_trait>(
&'life0 self,
_scope: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<String>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
Fetch a bearer token for a specific scope (audience), e.g.
"https://ai.azure.com/.default".
The default implementation ignores scope and delegates to
get_token — appropriate for credentials that wrap a
single fixed token. Credentials that mint tokens per audience override
this to honor the requested scope.
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".