Add TokenRequestOptions.EnableCAE (#21362)

Azure · Aug 14, 2023 · f6a43aa · f6a43aa
1 parent 6e69b23
commit f6a43aa
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 0 deletions.
diff --git a/sdk/azcore/CHANGELOG.md b/sdk/azcore/CHANGELOG.md
@@ -5,6 +5,7 @@
 ### Features Added
 
 * Added function `SanitizePagerPollerPath` to the `server` package to centralize sanitization and formalize the contract.
+* Added `TokenRequestOptions.EnableCAE` to indicate whether to request a CAE token
 
 ### Breaking Changes
 

diff --git a/sdk/azcore/internal/exported/exported.go b/sdk/azcore/internal/exported/exported.go
@@ -57,6 +57,13 @@ type TokenRequestOptions struct {
 	// service may return in a claims challenge following an authorization failure. If a service returned the
 	// claims value base64 encoded, it must be decoded before setting this field.
 	Claims string
+
+	// EnableCAE indicates whether to enable Continuous Access Evaluation (CAE) for the requested token. When true,
+	// azidentity credentials request CAE tokens for resource APIs supporting CAE. Clients are responsible for
+	// handling CAE challenges. If a client that doesn't handle CAE challenges receives a CAE token, it may end up
+	// in a loop retrying an API call with a token that has been revoked due to CAE.
+	EnableCAE bool
+
 	// Scopes contains the list of permission scopes required for the token.
 	Scopes []string