Package io.grpc

Class ChannelCredentials

  • Direct Known Subclasses:
    ChoiceChannelCredentials, CompositeChannelCredentials, InsecureChannelCredentials, TlsChannelCredentials
    public abstract class ChannelCredentials
extends Object
    Represents a security configuration to be used for channels. There is no generic mechanism for processing arbitrary ChannelCredentials; the consumer of the credential (the channel) must support each implementation explicitly and separately. Consumers are not required to support all types or even all possible configurations for types that are partially supported, but they must at least fully support ChoiceChannelCredentials.

    A ChannelCredential provides client identity and authenticates the server. This is different from CallCredentials, which only provides client identity. They can also influence types of encryption used and similar security configuration.

    The concrete credential type should not be relevant to most users of the API and may be an implementation decision. Users should generally use the ChannelCredentials type for variables instead of the concrete type. Freshly-constructed credentials should be returned as ChannelCredentials instead of a concrete type to encourage this pattern. Concrete types would only be used after instanceof checks (which must consider ChoiceChannelCredentials!).

    • Constructor Detail

      • ChannelCredentials

        public ChannelCredentials()

    • Method Detail

      • withoutBearerTokens

        public abstract ChannelCredentials withoutBearerTokens()
        Returns the ChannelCredentials stripped of its CallCredentials. In the future, this may strip only some of the CallCredentials, preserving call credentials that are safe from replay attacks (e.g., if the token is bound to the channel's certificate).
        Since:
        1.35.0