System.Net.Security.AuthenticationSchemes

MSDN Library > .NET Framework > Class Library > System.Net > System.Net.Security > AuthenticationSchemes

Enumeration

Defines the authentication schemes that can be used for network connections.

Namespace: System.Net.Security

Assembly: System (in System.dll)

Inheritance Hierarchy: Object > ValueType > Enum > AuthenticationSchemes

Syntax

public enum AuthenticationSchemes

Members

The System.Net.Security.AuthenticationSchemes enumeration contains the following members:

Member Description
Anonymous No authentication is performed. This is the default value.
Basic Basic authentication is performed. The client sends the username and password in clear text.
Digest Digest authentication is performed. The client sends a hash of the username, password, and other information.
Integrated Integrated Windows authentication is performed. This is typically used in Windows domains.
Negotiate Negotiate authentication is performed. This allows the client and server to negotiate the most secure authentication method available.
NTLM NTLM authentication is performed. This is a challenge-response authentication protocol.
Kerberos Kerberos authentication is performed. This is a network authentication protocol designed to provide strong authentication for client/server applications.
AllSchemes All available authentication schemes are supported.

Remarks

The AuthenticationSchemes enumeration is used to specify the authentication methods that a HttpClient or HttpClientHandler can use when communicating with a server.

For example, you can set the AuthenticationSchemes property of an HttpClientHandler to restrict the authentication methods used by an HttpClient.

When using Integrated, the underlying operating system's default authentication provider is used. This is often NTLM or Kerberos in a Windows environment.

The Negotiate scheme allows for a more flexible approach, where the client and server can negotiate the most suitable authentication protocol, such as Kerberos or NTLM, based on their capabilities and the network environment.

Example

The following C# code example demonstrates how to set the authentication schemes for an HttpClientHandler to use integrated Windows authentication.

using System;
using System.Net;
using System.Net.Http;
using System.Threading.Tasks;

public class Example
{
    public static async Task Main()
    {
        // Create an HttpClientHandler instance
        var handler = new HttpClientHandler();

        // Set the authentication schemes to Integrated Windows Authentication
        // You can also combine schemes using the bitwise OR operator, e.g.,
        // handler.Credentials = new NetworkCredential("username", "password");
        // handler.AuthenticationSchemes = AuthenticationSchemes.Basic | AuthenticationSchemes.Digest;
        handler.AuthenticationSchemes = AuthenticationSchemes.Integrated;

        // Create an HttpClient instance with the handler
        using (var httpClient = new HttpClient(handler))
        {
            try
            {
                // Make a request to a secure endpoint
                // Replace with a valid URL that requires integrated authentication
                var response = await httpClient.GetAsync("https://your.secure.server.com/api/data");

                response.EnsureSuccessStatusCode(); // Throws if the status code is not 2xx

                var responseBody = await response.Content.ReadAsStringAsync();
                Console.WriteLine("Request successful:");
                Console.WriteLine(responseBody.Substring(0, Math.Min(responseBody.Length, 200)) + "...");
            }
            catch (HttpRequestException e)
            {
                Console.WriteLine($"\nException Caught!");
                Console.WriteLine("Message :" + e.Message);
            }
        }
    }
}

Related Articles and Topics