-
Notifications
You must be signed in to change notification settings - Fork 286
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authentication dialog opens for .NET Core when using Active Directory Interactive Authentication #735
Comments
"Active Directory Interactive" authentication mode by-design performs authentication interactively with a dialog window. It seems like you want to make use of Managed Identity when authenticating. On the other hand, we'll be introducing a different authentication mode for Managed Identity based authentication specifically, to be used as "Active Directory Managed Identity" (Feature #616 - WIP #730). |
Indeed you are totally right, I forgot I was using this library. Thanks for the information. Will this Managed Identity based authentication work for local debugging in Visual Studio as well (using the identity of the account logged in Visual Studio) ? |
I'm not sure what you mean by "Identity of account logged in Visual Studio". Can you point me to any official documentation that discusses this approach? |
To clarify these two behaviors you need working:
|
Yes sure I am referring to this documentation
I don't want to have to change my connection string depending on whether I a running the code locally or on Azure. I want the connection string to be specified in my app settings file and the code to use the identity appropriate to my context. |
By the way, I did not manage to make the "Active Directory Integrated" work for me maybe because the Azure SQL Resource in on a different tenant (from a client company) than my Microsoft account (of my consulting company). |
Interesting! I will look more into it and get back to you! |
I did discuss this internally and it may be possible improve the overall design of Managed Identity authentication experience to match that of AppAuthentication library if we take dependency on Azure.Identity and support fallback for developers. As of now, it won't be part of next release since we cannot take dependency on Azure.Identity for the same. Keeping issue open to address this in future. |
In the meantime, there's another solution you could implement that will bring back same experience for you with .NET Core too, as I mentioned here: #730 (comment) |
I have been using Microsft.Data.SqlClient in .NET Framework with Active Directory Interactive authentication and it worked great:
I have seen that Active Directory Interactive authentication is now available for .NET Core as well but it does not behave at all the same way. Each time I do a
connection.OpenAsync()
it launches an authentication dialog in my browser for me to log in with my account. Then my code can successfully make request to the database but I don't want to do a manual action each time my code runs locally.Am I missing something ? My database connection string has the following format :
"Server=tcp:sql-dev-myserver-data.database.windows.net,1433;Initial Catalog=db-dev-kpis;Persist Security Info=False;MultipleActiveResultSets=False;Encrypt=True;Authentication=Active Directory Interactive;"
Is there a way to avoid this dialog and that my code connects to the database silently with my account already logged in in Visual Studio as it was doing in .NET Framework ? The solution I was using until now for .NET Core was to retrieve an access token and set it directly in the connection but that is something I was hoping to avoid now that Active Directory Interactive is supported in .NET Core.
The text was updated successfully, but these errors were encountered: