-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Enhancement Proposal] Support "bring your own access token" #16459
Comments
Enhancement Proposal |
Azure CLI can take advantage of |
That would be cool. especially if those I often have scrips that export AZURE_DEFAULTS_LOCATION and AZURE_DEFAULTS_GROUP to save including |
If you are looking for this option to run few cli commands parallelly with different user context, the option of AZURE_CONFIG_DIR may be helpful |
Limitations
|
@jiasli Both AWS and AlibabaCloud support obtaining a token from an external program |
We understand the limitation and we confirm our scenario need this feature.
|
Any updates on this? |
Is your feature request related to a problem? Please describe.
We have received several feature requests that the user would like to provide their own access token, without interacting with AAD.
Azure PowerShell cmdlet
Connect-AzAccount
supports-AccessToken
.Describe the solution you'd like
az login
should support either--access-token
argument which accepts an access token with Subscriptions - List permission:--access-token
(may not have Subscriptions - List permission) and--subscription
which explicitly specifies the default subscription (also see [Enhancement Proposal] Support--subscription
inaz login
#14933):Each
az
command should support a global argument--access-token
which can be used together with--subscription
to invoke ARM request:I previously made a prototype: [Demo] Allow specifying a custom access token jiasli/azure-cli#12
Consume an environment variable
AZURE_CLI_ACCESS_TOKEN
so that all commands can use the same access token:Also, since environment variables are preserved in memory, is it much safer than saving the access token to hard disk. Also see Enable authentication via environment variables #10241
The text was updated successfully, but these errors were encountered: