@azure/identity readme azure -> Azure #12838
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -37,7 +37,7 @@ To authenticate in Visual Studio Code, first ensure the [Azure Account Extension | |
|
|
||
| Applications using the `AzureCliCredential`, rather directly or via the `DefaultAzureCredential`, can use the Azure CLI account to authenticate calls in the application when running locally. | ||
|
|
||
| To authenticate with the [Azure CLI][azure_cli] users can run the command `az login`. For users running on a system with a default web browser the Azure cli will launch the browser to authenticate the user. | ||
|
|
||
| ![Azure CLI Account Sign In][azureclilogin_image] | ||
|
|
||
|
|
@@ -107,24 +107,32 @@ This example demonstrates authenticating the `KeyClient` from the [@azure/keyvau | |
| ```javascript | ||
| // The default credential first checks environment variables for configuration as described above. | ||
| // If environment configuration is incomplete, it will try managed identity. | ||
|
|
||
| // Azure Key Vault service to use | ||
| const { KeyClient } = require("@azure/keyvault-keys"); | ||
|
|
||
| // Azure authentication library to access Azure Key Vault | ||
| const { DefaultAzureCredential } = require("@azure/identity"); | ||
|
|
||
| // Azure SDK clients accept the credential as a parameter | ||
| const credential = new DefaultAzureCredential(); | ||
|
|
||
| // Create authenticated client | ||
| const client = new KeyClient(vaultUrl, credential); | ||
|
|
||
| // Use service from authenticated client | ||
| const getResult = await client.getKey("MyKeyName"); | ||
| ``` | ||
|
|
||
| ### Specifying a user assigned managed identity with the `DefaultAzureCredential` | ||
|
|
||
| Many Azure hosts allow the assignment of a user assigned managed identity. This example demonstrates configuring the `DefaultAzureCredential` to authenticate a user assigned identity when deployed to an Azure host. It then authenticates a `KeyClient` from the [@azure/keyvault-keys](https://www.npmjs.com/package/@azure/keyvault-keys) client library with credential. | ||
|
|
||
| ```ts | ||
| const { KeyClient } = require("@azure/keyvault-keys"); | ||
| const { DefaultAzureCredential } = require("@azure/identity"); | ||
|
|
||
| // when deployed to an Azure host the default Azure credential will authenticate the specified user assigned managed identity | ||
| var credential = new DefaultAzureCredential({ managedIdentityClientId: userAssignedClientId }); | ||
|
|
||
| const client = new KeyClient(vaultUrl, credential); | ||
|
|
@@ -157,7 +165,7 @@ const client = new KeyClient(vaultUrl, credentialChain); | |
| | `DefaultAzureCredential` | provides a simplified authentication experience to quickly start developing applications run in the Azure cloud | | ||
| | `ChainedTokenCredential` | allows users to define custom authentication flows composing multiple credentials | | ||
| | `EnvironmentCredential` | authenticates a service principal or user via credential information specified in environment variables | | ||
| | `ManagedIdentityCredential` | authenticates the managed identity of an Azure resource | | ||
|
|
||
| ### Authenticating Service Principals | ||
|
|
||
|
|
@@ -211,6 +219,8 @@ Currently, the following client libraries support authenticating with `TokenCred | |
| - [@azure/storage-blob](https://npmjs.com/package/@azure/storage-blob) | ||
| - [@azure/storage-queue](https://npmjs.com/package/@azure/storage-queue) | ||
|
|
||
| If you need to authenticate to a different service, use the [@azure/ms-rest-js](https://www.npmjs.com/package/@azure/ms-rest-js) client library. | ||
|
There was a problem hiding this comment. ms-rest-js is not used for auth, the alternatives would be to use ms-rest-nodeauth for node applications and ms-rest-browserauth for browser applications. The list above is not complete. We have about 10 more packages that now work with Azure Identity. Moreover, with the code generator updated as described in Azure/autorest.typescript#815, the Azure Identity library will be usable with all auto generated packages. So, I believe this clarification would not be needed There was a problem hiding this comment. We agreed to undo change to line 222 and remove package list right above it. There was a problem hiding this comment. This is done in #13113 |
||
|
|
||
| ### Read the documentation | ||
|
|
||
| API documentation for this library can be found on our [documentation site](https://docs.microsoft.com/javascript/api/@azure/identity). | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello! Thank you for making this pull request. I appreciate the effort you're putting here! I like these casing on the Azure name, very necessary! Thanks!