Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[FEATURE REQ] Add support for Managed Identity regional AAD authentication endpoints Azure.Identity #20027

Closed
ctstone opened this issue Apr 1, 2021 · 1 comment · Fixed by #21590
Assignees
Labels
Azure.Identity Client This issue points to a problem in the data-plane of the library. feature-request This issue requires a new behavior in the product in order be resolved.

Comments

@ctstone
Copy link
Member

ctstone commented Apr 1, 2021

Library or service name.
Azure.Identity

Is your feature request related to a problem? Please describe.
The guidance from the Azure IAM wiki for service teams using MI is to authenticate using a regional endpoint (e.g. https://eastus2euap.login.microsoft.com). However, the MSAL example given in the wiki uses APIs that are not currently exposed/used by MsalConfidentialClient, namely WithAuthority(Uri, bool) and WithInstanceDicoveryMetadata(string).

Today, when using the regional AAD endpoint with Azure.Identity (using a ClientCertificateCredential), we see an error Application error - the login request was malformed and could not be matched with an existing authentication endpoint or instance. The error goes away when using a global endpoint (https://login.microsoftonline.com/).

It would be good see guidance on using the regional authentication endpoint with Azure.Identity.

@ghost ghost added the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Apr 1, 2021
@jsquire jsquire added Azure.Identity Client This issue points to a problem in the data-plane of the library. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team labels Apr 1, 2021
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Apr 1, 2021
@jsquire
Copy link
Member

jsquire commented Apr 1, 2021

Thank you for your feedback. Tagging and routing to the team member best able to assist.

@christothes christothes added feature-request This issue requires a new behavior in the product in order be resolved. and removed needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team labels Apr 6, 2021
azure-sdk pushed a commit to azure-sdk/azure-sdk-for-net that referenced this issue Sep 19, 2022
Network 2022 05 01 (Azure#20695)

* Adds base for updating Microsoft.Network from version stable/2022-01-01 to version 2022-05-01

* Updates readme

* Updates API version in new specs and examples

* add DisableTcpStateTracking on nic (Azure#19734)

Co-authored-by: Dan Tu <[email protected]>

* Adding new VIP Swap APIs to support extension resource design (Azure#19698)

* Adding new VIP Swap APIs to support extension resource design

* fixing validation checks

* minor fix

* Reverting changes

* Minor fix to add a new line

* fix description (Azure#19987)

Co-authored-by: Dan Tu <[email protected]>

* Add BillingType Property to ExpressRoutePorts (Azure#19932)

* change port json

* changes

* add Virtual network gateway policy group api (Azure#19766)

* finish update on connection configuration references

* resolve reference error

* finish prettier

* resolve sematic error

* finish update change

* enablePrivateLinkFastPath property for VirtualNetworkGatewayConnection resource (Azure#20050)

* Support for Per Rule Actions in Application Gateway WAF (Azure#20027)

* Adding changes for per rule actions

* Fixing spaces

* prettier fix

* Addressing PR comments

* Address review comments

* Add ColoLocation to ExpressRoutePort result (Azure#20033)

* Add ColoLocation to ExpressRoutePort result

* Fix automation code check error

* Merge from network-2022-05-01

* Revert "Merge from network-2022-05-01"

This reverts commit f0671a040b2bad684921f8f8ad4b53bb0f4b4a93.

Co-authored-by: Jianqi Zhao <[email protected]>

* DDoS Per IP SKU + Custom Policy Deprecation Swagger PR (Azure#19985)

* initial changes

* example file changes

* new files for new apis

* adding a period

* changing reference

* prettier fixes

* ddos fix

* lint diff fixes

* more lint diff errors

* fixing operation id

* changing bool to string enum

* example changes

* adding 202s as these are long running ops

* examples

Co-authored-by: Manas Chakka <[email protected]>

* Adding UnhealthyThreshold property to LB health probes, and updated examples with new property (Azure#20001)

* Property to enable/disable OCSP revocation check on client certificate (Azure#20301)

* add new property to enable/disable OCSP revocation check on client certificate for MTLS

* revert breaking change of updating enum property

* Add new parameter asn, geo and expressRouteAdvertise to CustomIPPrefix for new 2022-05-01 nrp sdk version (Azure#20266)

* fix

* fix

* fix

* fix

* fix

* fix

Co-authored-by: Weiheng Li <[email protected]>

* Network 2022-05-01 Azure Virtual Network Manager Contributions (Azure#20440)

* Add third NIP enum for avnm security admin config, AllowRulesOnly

* add optional top parameters to various network manager post APIs

* revise all example input subscriptions to all zero guid

* change all top parameter max value to 100

* Revert "change all top parameter max value to 100"

This reverts commit 12943d2f2b91b22f1dae232cb291a8551fedfdca.

Co-authored-by: Jared Gorthy <[email protected]>

* Alpelled waf manifest 05 01 2022 (Azure#20047)

* init

* init

* fix comments

* fix err

* try ref to appgw def

* try ref to appgw def

* try ref to appgw def

* try ref to appgw def

* update example

* update example

* update example

* update state and action

* update state and action

* change ruleset name and add tiers

* cammel case fix

* cammel case fix

* s_ruleid

* s_RuleId

* suppress s_RuleId camel case issue

* suppress s_RuleId camel case issue

* address comments

* address comments

* address comments

* fix typo

* cont fix

* cont fix

* cont fix

* cont fix

* cont fix

* add pageable

* add next link

Co-authored-by: Alon Pelled <[email protected]>

* Add prefixType property to CustomIPPrefix for NRP 2022-05-01 (Azure#20486)

* add prefixType parameter

* add example

* Adding swagger changes for routemaps feature (Azure#20091)

* initial changes for routemaps

* run npm prettier script

* adding examples

* fixing validation errors

* more validations

* more fixes

* trying to fix lint error

* fix for match condition

* renaming ActionType to fix lint

* fix for python sdk generation

* renaming Rule to RouteMapRule

* modify examples to remove vnetroutes from non hub vnet conns

* cleanup

* Added Upper-case transform (Azure#20674)

Co-authored-by: dtuCloud <[email protected]>
Co-authored-by: Dan Tu <[email protected]>
Co-authored-by: shnaya434 <[email protected]>
Co-authored-by: nimaller <[email protected]>
Co-authored-by: tyrannicrex <[email protected]>
Co-authored-by: Jesus Arango <[email protected]>
Co-authored-by: Sindhu Aluguvelli <[email protected]>
Co-authored-by: Jianqi Zhao <[email protected]>
Co-authored-by: Jianqi Zhao <[email protected]>
Co-authored-by: Manas Chakka <[email protected]>
Co-authored-by: Manas Chakka <[email protected]>
Co-authored-by: bhavanabheem <[email protected]>
Co-authored-by: biaogao <[email protected]>
Co-authored-by: Weiheng Li <[email protected]>
Co-authored-by: Weiheng Li <[email protected]>
Co-authored-by: jago2136 <[email protected]>
Co-authored-by: Jared Gorthy <[email protected]>
Co-authored-by: alon-microsoft <[email protected]>
Co-authored-by: Alon Pelled <[email protected]>
Co-authored-by: Eric Hoffmann <[email protected]>
Co-authored-by: arganapathy <[email protected]>
Co-authored-by: rahulbissa2727 <[email protected]>
@github-actions github-actions bot locked and limited conversation to collaborators Mar 27, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Azure.Identity Client This issue points to a problem in the data-plane of the library. feature-request This issue requires a new behavior in the product in order be resolved.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants