AuthCodeCredential: Authorization code credential authentication

In azr: Credential Chain for Seamless 'OAuth 2.0' Authentication to 'Azure Services'

Authorization code credential authentication

Description

Authenticates a user through the OAuth 2.0 authorization code flow. This flow opens a web browser for the user to sign in.

Details

The authorization code flow is the standard OAuth 2.0 flow for interactive authentication. It requires a web browser and is suitable for applications where the user can interact with a browser window.

The credential supports token caching to avoid repeated authentication. Tokens can be cached to disk or in memory. A redirect URI is required for the OAuth flow to complete.

Super classes

azr::Credential -> azr::InteractiveCredential -> AuthCodeCredential

Methods

Public methods

• AuthCodeCredential$new()

• AuthCodeCredential$get_token()

• AuthCodeCredential$req_auth()

• AuthCodeCredential$clone()

Inherited methods

• azr::Credential$print()
• azr::Credential$validate()
• azr::InteractiveCredential$is_interactive()

---

Method new()

Create a new authorization code credential

Usage

AuthCodeCredential$new(
  scope = NULL,
  tenant_id = NULL,
  client_id = NULL,
  use_cache = "disk",
  offline = TRUE,
  redirect_uri = default_redirect_uri(),
  interactive = TRUE
)

Arguments

scope

A character string specifying the OAuth2 scope. Defaults to NULL.

tenant_id

A character string specifying the Azure Active Directory tenant ID. Defaults to NULL.

client_id

A character string specifying the application (client) ID. Defaults to NULL.

use_cache

A character string specifying the cache type. Use "disk" for disk-based caching or "memory" for in-memory caching. Defaults to "disk".

offline

A logical value indicating whether to request offline access (refresh tokens). Defaults to TRUE.

redirect_uri

A character string specifying the redirect URI registered with the application. Defaults to default_redirect_uri().

interactive

A logical value indicating whether this credential requires user interaction. Defaults to TRUE.

Returns

A new AuthCodeCredential object

---

Method get_token()

Get an access token using authorization code flow

Usage

AuthCodeCredential$get_token(reauth = FALSE)

Arguments

reauth

A logical value indicating whether to force reauthentication. Defaults to FALSE.

Returns

An httr2::oauth_token() object containing the access token

---

Method req_auth()

Add OAuth authorization code authentication to an httr2 request

Usage

AuthCodeCredential$req_auth(req)

Arguments

req

An httr2::request() object

Returns

The request object with OAuth authorization code authentication configured

---

Method clone()

The objects of this class are cloneable with this method.

Usage

AuthCodeCredential$clone(deep = FALSE)

Arguments

deep

Whether to make a deep clone.

Examples

# AuthCodeCredential requires an interactive session
## Not run: 
# Create credential with default settings
cred <- AuthCodeCredential$new(
  tenant_id = "your-tenant-id",
  client_id = "your-client-id",
  scope = "https://management.azure.com/.default"
)

# Get an access token (will open browser for authentication)
token <- cred$get_token()

# Force reauthentication
token <- cred$get_token(reauth = TRUE)

# Use with httr2 request
req <- httr2::request("https://management.azure.com/subscriptions")
req <- cred$req_auth(req)

## End(Not run)

azr documentation built on Feb. 18, 2026, 1:07 a.m.