Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Managed Identity regional AAD authentication endpoints #22355

Closed
joshfree opened this issue Jun 17, 2021 · 1 comment
Closed

Add support for Managed Identity regional AAD authentication endpoints #22355

joshfree opened this issue Jun 17, 2021 · 1 comment
Assignees
@jianghaolu @g2vinay
Labels
Azure.Identity Client This issue points to a problem in the data-plane of the library. feature-request This issue requires a new behavior in the product in order be resolved.
Milestone
[2021] July

Comments

@joshfree
Copy link
Member

Library or service name.
Azure.Identity

Is your feature request related to a problem? Please describe.
The guidance from the Azure IAM wiki for service teams using MI is to authenticate using a regional endpoint (e.g. https://eastus2euap.login.microsoft.com). However, the MSAL example given in the wiki uses APIs that are not currently exposed/used by MsalConfidentialClient, namely WithAuthority(Uri, bool) and WithInstanceDicoveryMetadata(string).

Today, when using the regional AAD endpoint with Azure.Identity (using a ClientCertificateCredential), we see an error Application error - the login request was malformed and could not be matched with an existing authentication endpoint or instance. The error goes away when using a global endpoint (https://login.microsoftonline.com/).

It would be good see guidance on using the regional authentication endpoint with Azure.Identity.

Related C#: Azure/azure-sdk-for-net#20027
@joshfree joshfree added Client This issue points to a problem in the data-plane of the library. Azure.Identity feature-request This issue requires a new behavior in the product in order be resolved. labels Jun 17, 2021
@joshfree joshfree added this to the [2021] July milestone Jun 17, 2021
This was referenced Jun 17, 2021
Closed
Closed
Closed
Closed
@jianghaolu
Copy link
Contributor

closed via #22536

azure-sdk pushed a commit to azure-sdk/azure-sdk-for-java that referenced this issue Feb 1, 2023
CodeGen from PR 22355 in Azure/azure-rest-api-specs
1281b2c 
{AzurePostgresql} fixes Azure/azure-rest-api-specs#22302 fix the regex for serverName property (Azure#22355)

* {AzurePostgresql} fixes Azure/azure-rest-api-specs#22302 fix the regex for serverName property

fixes Azure/azure-rest-api-specs#22302 

PR to fix the regex for serverName property

As per [this](https://learn.microsoft.com/en-us/azure/postgresql/single-server/tutorial-design-database-using-azure-portal#create-an-azure-database-for-postgresql) docs, the Postgresql Server Name should have the below pattern:
-Server name must be at least 3 characters and at most 63 characters.
-Server name must only contain lowercase letters, numbers, and hyphens. The server name must not start or end in a hyphen.
-Server name must be available.

Current Regex is incorrect: `^[a-z][a-z0-9]*$` as it doesn't allow the hyphen. The correct Regex pattern should be `^[a-zA-Z0-9]+(-[a-zA-Z0-9]+)*`

* Update common-types.json
@github-actions github-actions bot locked and limited conversation to collaborators Apr 12, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@jianghaolu jianghaolu

@g2vinay g2vinay

Labels
Azure.Identity Client This issue points to a problem in the data-plane of the library. feature-request This issue requires a new behavior in the product in order be resolved.
Projects
None yet
Milestone
[2021] July
Development

No branches or pull requests
3 participants
@joshfree @jianghaolu @g2vinay