Table of Contents

Class MsalTestOptions

Namespace
Trellis.Testing
Assembly
Trellis.Testing.dll

Configuration options for acquiring real Azure Entra ID tokens in E2E integration tests using MSAL (Microsoft Authentication Library).

public sealed class MsalTestOptions
Inheritance
MsalTestOptions
Inherited Members
Extension Methods

Remarks

Store sensitive values (ClientSecret, user passwords) in environment variables or test secrets — never commit them to source code.

Typical setup: 

var options = new MsalTestOptions
{
    TenantId = Environment.GetEnvironmentVariable("ENTRA_TEST_TENANT_ID")!,
    ClientId = Environment.GetEnvironmentVariable("ENTRA_TEST_CLIENT_ID")!,
    Scopes = ["api://my-api/.default"],
    TestUsers =
    {
        ["salesRep"] = new TestUserCredentials
        {
            Username = "salesrep@contoso.onmicrosoft.com",
            Password = Environment.GetEnvironmentVariable("ENTRA_TEST_SALESREP_PASSWORD")!,
            ExpectedPermissions = ["orders:create", "orders:read"]
        }
    }
};

Properties

ClientId

The application (client) ID of the Azure Entra app registration. The app registration must have "Allow public client flows" enabled for ROPC.

public string ClientId { get; set; }

Property Value

string

Scopes

The scopes to request when acquiring tokens. Typically ["api://{clientId}/.default"] for daemon/service tokens.

public string[] Scopes { get; set; }

Property Value

string[]

TenantId

The Azure Entra ID tenant ID (GUID or domain, e.g., "contoso.onmicrosoft.com").

public string TenantId { get; set; }

Property Value

string

TestUsers

Named test users with credentials and expected permissions. Use descriptive names matching role conventions (e.g., "salesRep", "warehouseManager", "admin").

public Dictionary<string, TestUserCredentials> TestUsers { get; set; }

Property Value

Dictionary<string, TestUserCredentials>
Edit this page