Add silent auth sample to TokenCache.md (#45263)

sdk/identity/Azure.Identity/samples/ClientSideUserAuthentication.md

@@ -124,7 +124,8 @@ using (var authRecordStream = new FileStream(AUTH_RECORD_PATH, FileMode.Open, Fi
 var credential = new InteractiveBrowserCredential(
     new InteractiveBrowserCredentialOptions
     {
-        TokenCachePersistenceOptions = new TokenCachePersistenceOptions(), AuthenticationRecord = authRecord
+        TokenCachePersistenceOptions = new TokenCachePersistenceOptions(),
+        AuthenticationRecord = authRecord
     });
 ```
 

sdk/identity/Azure.Identity/samples/TokenCache.md

@@ -85,6 +85,50 @@ By setting `UnsafeAllowUnencryptedStorage` to `true`, the credential will encryp
 If platform data protection is unavailable, it will write and read the persisted token data to an unencrypted local file ACL'd to the current account.
 If `UnsafeAllowUnencryptedStorage` is `false` (the default), a `CredentialUnavailableException` will be raised in the case no data protection is available.
 
+### Silently authenticate a user with AuthenticationRecord and TokenCachePersistenceOptions
+
+When authenticating a user via `InteractiveBrowserCredential`, `DeviceCodeCredential`, or `UsernamePasswordCredential`, an [AuthenticationRecord](https://learn.microsoft.com/dotnet/api/azure.identity.authenticationrecord?view=azure-dotnet) can be persisted as well. The authentication record is:
+
+- Returned from the `Authenticate` API and contains data identifying an authenticated account.
+- Needed to identify the appropriate entry in the persisted token cache to silently authenticate on subsequent executions.
+
+There's no sensitive data in the `AuthenticationRecord`, so it can be persisted in a non-protected state.
+
+Once an app has persisted an `AuthenticationRecord`, future authentications can be performed silently by setting `TokenCachePersistenceOptions` and `AuthenticationRecord` on the builder.
+
+Here's an example of an app storing the `AuthenticationRecord` to the local file system after authenticating the user:
+
+```C# Snippet:Identity_ClientSideUserAuthentication_Persist_TokenCache_AuthRecordPath
+private const string AUTH_RECORD_PATH = "./tokencache.bin";
+```
+
+```C# Snippet:Identity_ClientSideUserAuthentication_Persist_AuthRecord
+AuthenticationRecord authRecord = await credential.AuthenticateAsync();
+
+using (var authRecordStream = new FileStream(AUTH_RECORD_PATH, FileMode.Create, FileAccess.Write))
+{
+    await authRecord.SerializeAsync(authRecordStream);
+}
+```
+
+Now that the `AuthenticationRecord` is persisted, the app can silently authenticate the user:
+
+```C# Snippet:Identity_ClientSideUserAuthentication_Persist_SilentAuth
+AuthenticationRecord authRecord;
+
+using (var authRecordStream = new FileStream(AUTH_RECORD_PATH, FileMode.Open, FileAccess.Read))
+{
+    authRecord = await AuthenticationRecord.DeserializeAsync(authRecordStream);
+}
+
+var credential = new InteractiveBrowserCredential(
+    new InteractiveBrowserCredentialOptions
+    {
+        TokenCachePersistenceOptions = new TokenCachePersistenceOptions(),
+        AuthenticationRecord = authRecord
+    });
+```
+
 ## Credentials supporting token caching
 
 The following table indicates the state of in-memory and persistent caching in each credential type.

sdk/identity/Azure.Identity/tests/samples/UserAuthenticationSnippets.cs

@@ -117,7 +117,8 @@ public static async Task<TokenCredential> GetUserCredentialAsync()
                 var credential = new InteractiveBrowserCredential(
                     new InteractiveBrowserCredentialOptions
                     {
-                        TokenCachePersistenceOptions = new TokenCachePersistenceOptions(), AuthenticationRecord = authRecord
+                        TokenCachePersistenceOptions = new TokenCachePersistenceOptions(),
+                        AuthenticationRecord = authRecord
                     });
 
                 #endregion