AuthenticationResult

In all of the authentication flows, the methods to acquire tokens return a Future<AuthenticationResult>. The AuthenticationResult class contains the following attributes:

• accessToken for the Web API access. This is a string, usually a base64 encoded JWT but the client should never look inside the access token. The format isn't guaranteed to remain stable and it can be encrypted for the resource. People writing code depending on access token content on the client is one of the biggest sources of errors when client logic breaks.
• refreshToken a token with longer lifetime used to renew the access token when it expires
• idToken a token representing the authentication of the user (this is a JWT)
• expiresOn tells the date/time when the token expires
• accessTokenType (usually "Bearer" for Azure AD tokens)
• isMultipleResourceRefreshToken
• userInfo:
  • In ADAL4J, when the token is acquired for a given user, the information about the user is exposed through the UserInfo class which exposes:
    • The displayable id for the user (this can be an email address)
    • The user's family name
    • The user's given name (which can be an email address)
    • The identity provider holding the user identity. This is the STS associated with the authority containing the user (for instance https://sts.windows.net//). Note that in the case when the user is a user of the tenant, the usersHomeTenantId part of the IdentityProvider will be the TenantId. If the user is a guest user of the tenant, the usersHomeTenantId will be the home tenant id of the user.
    • A Uri related to the authority enabling the user to change his password. This can be null
    • The password expiration date for the user. This can be null
    • A unique ID for the user in the identity provider.