This documentation is archived and is not being maintained.

NegotiateStream.AuthenticateAsClient Method (NetworkCredential, ChannelBinding, String, ProtectionLevel, TokenImpersonationLevel)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified credential, authentication options, and channel binding.

Namespace:  System.Net.Security
Assembly:  System (in System.dll)

public virtual void AuthenticateAsClient(
	NetworkCredential credential,
	ChannelBinding binding,
	string targetName,
	ProtectionLevel requiredProtectionLevel,
	TokenImpersonationLevel allowedImpersonationLevel


Type: System.Net.NetworkCredential
The NetworkCredential that is used to establish the identity of the client.
Type: System.Security.Authentication.ExtendedProtection.ChannelBinding
The ChannelBinding that is used for extended protection.
Type: System.String
The Service Principal Name (SPN) that uniquely identifies the server to authenticate.
Type: System.Net.Security.ProtectionLevel
One of the ProtectionLevel values, indicating the security services for the stream.
Type: System.Security.Principal.TokenImpersonationLevel
One of the TokenImpersonationLevel values, indicating how the server can use the client's credentials to access resources.


targetName is null.

- or -

credential is null.


allowedImpersonationLevel is not a valid value.


The authentication failed. You can use this object to retry the authentication.


The authentication failed. You can use this object to retry the authentication.


Authentication has already occurred.

- or -

This stream was used previously to attempt authentication as the server. You cannot use the stream to retry authentication as the client.


This object has been closed.

Use the requiredProtectionLevel parameter to request security services for data transmitted using the authenticated stream. For example, to have the data encrypted and signed, specify the EncryptAndSign value. Successful authentication does not guarantee that the requested ProtectionLevel has been granted. You must check the IsEncrypted and IsSigned properties to determine what security services are used by the NegotiateStream.

The ChannelBinding used for extended protection that is passed to this method in the binding parameter would be retrieved by an application from TransportContext property on the associated SslStream.

If the authentication fails, you receive an AuthenticationException or an InvalidCredentialException. In this case, you can retry the authentication with a different credential.

.NET Framework

Supported in: 4

.NET Framework Client Profile

Supported in: 4

Windows 7, Windows Vista SP1 or later, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.