diff --git a/sdk/identity/azure-identity/azure/identity/_credentials/browser.py b/sdk/identity/azure-identity/azure/identity/_credentials/browser.py index 4f2cc5efbdee..0f773df22602 100644 --- a/sdk/identity/azure-identity/azure/identity/_credentials/browser.py +++ b/sdk/identity/azure-identity/azure/identity/_credentials/browser.py @@ -30,8 +30,6 @@ class InteractiveBrowserCredential(InteractiveCredential): :func:`~get_token` opens a browser to a login URL provided by Azure Active Directory and authenticates a user there with the authorization code flow, using PKCE (Proof Key for Code Exchange) internally to protect the code. - Azure Active Directory documentation describes the authentication flow in more detail: - https://docs.microsoft.com/azure/active-directory/develop/v1-protocols-oauth-code :keyword str authority: Authority of an Azure Active Directory endpoint, for example 'login.microsoftonline.com', the authority for Azure Public Cloud (which is the default). :class:`~azure.identity.AzureAuthorityHosts` diff --git a/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py b/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py index 5c329672296d..27273223b0f8 100644 --- a/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py +++ b/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py @@ -23,6 +23,9 @@ class CertificateCredential(ClientCredentialBase): The certificate must have an RSA private key, because this credential signs assertions using RS256. + See Azure Active Directory documentation for more information on configuring certificate authentication: + https://docs.microsoft.com/azure/active-directory/develop/active-directory-certificate-credentials#register-your-certificate-with-microsoft-identity-platform + :param str tenant_id: ID of the service principal's tenant. Also called its 'directory' ID. :param str client_id: the service principal's client ID :param str certificate_path: path to a PEM-encoded certificate file including the private key. If not provided, diff --git a/sdk/identity/azure-identity/azure/identity/_credentials/client_secret.py b/sdk/identity/azure-identity/azure/identity/_credentials/client_secret.py index 1eef4f8abd78..9d25d1154280 100644 --- a/sdk/identity/azure-identity/azure/identity/_credentials/client_secret.py +++ b/sdk/identity/azure-identity/azure/identity/_credentials/client_secret.py @@ -12,7 +12,7 @@ class ClientSecretCredential(ClientCredentialBase): - """Authenticates as a service principal using a client ID and client secret. + """Authenticates as a service principal using a client secret. :param str tenant_id: ID of the service principal's tenant. Also called its 'directory' ID. :param str client_id: the service principal's client ID diff --git a/sdk/identity/azure-identity/azure/identity/_credentials/device_code.py b/sdk/identity/azure-identity/azure/identity/_credentials/device_code.py index 5e29d34943f4..dec7303b334c 100644 --- a/sdk/identity/azure-identity/azure/identity/_credentials/device_code.py +++ b/sdk/identity/azure-identity/azure/identity/_credentials/device_code.py @@ -27,8 +27,9 @@ class DeviceCodeCredential(InteractiveCredential): A user must browse to the URL, enter the code, and authenticate with Azure Active Directory. If the user authenticates successfully, the credential receives an access token. - For more information about the device code flow, see Azure Active Directory documentation: - https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-device-code + This credential is primarily useful for authenticating a user in an environment without a web browser, such as an + SSH session. If a web browser is available, :class:`~azure.identity.InteractiveBrowserCredential` is more + convenient because it automatically opens a browser to the login page. :param str client_id: client ID of the application users will authenticate to. When not specified users will authenticate to an Azure development application. diff --git a/sdk/identity/azure-identity/azure/identity/_credentials/managed_identity.py b/sdk/identity/azure-identity/azure/identity/_credentials/managed_identity.py index ff4f6ae177db..2fc67178fee0 100644 --- a/sdk/identity/azure-identity/azure/identity/_credentials/managed_identity.py +++ b/sdk/identity/azure-identity/azure/identity/_credentials/managed_identity.py @@ -28,6 +28,9 @@ class ManagedIdentityCredential(object): This credential defaults to using a system-assigned identity. To configure a user-assigned identity, use one of the keyword arguments. + See Azure Active Directory documentation for more information about configuring managed identity for applications: + https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview + :keyword str client_id: a user-assigned identity's client ID. This is supported in all hosting environments. :keyword identity_config: a mapping ``{parameter_name: value}`` specifying a user-assigned identity by its object or resource ID, for example ``{"object_id": "..."}``. Check the documentation for your hosting environment to diff --git a/sdk/identity/azure-identity/azure/identity/aio/_credentials/certificate.py b/sdk/identity/azure-identity/azure/identity/aio/_credentials/certificate.py index 1de0bb2baaa0..ba435755b979 100644 --- a/sdk/identity/azure-identity/azure/identity/aio/_credentials/certificate.py +++ b/sdk/identity/azure-identity/azure/identity/aio/_credentials/certificate.py @@ -22,6 +22,9 @@ class CertificateCredential(AsyncContextManager, GetTokenMixin): The certificate must have an RSA private key, because this credential signs assertions using RS256. + See Azure Active Directory documentation for more information on configuring certificate authentication: + https://docs.microsoft.com/azure/active-directory/develop/active-directory-certificate-credentials#register-your-certificate-with-microsoft-identity-platform + :param str tenant_id: ID of the service principal's tenant. Also called its 'directory' ID. :param str client_id: the service principal's client ID :param str certificate_path: path to a PEM-encoded certificate file including the private key. If not provided, diff --git a/sdk/identity/azure-identity/azure/identity/aio/_credentials/client_secret.py b/sdk/identity/azure-identity/azure/identity/aio/_credentials/client_secret.py index 7bceaae674db..d77ecc1030a8 100644 --- a/sdk/identity/azure-identity/azure/identity/aio/_credentials/client_secret.py +++ b/sdk/identity/azure-identity/azure/identity/aio/_credentials/client_secret.py @@ -17,7 +17,7 @@ class ClientSecretCredential(AsyncContextManager, GetTokenMixin): - """Authenticates as a service principal using a client ID and client secret. + """Authenticates as a service principal using a client secret. :param str tenant_id: ID of the service principal's tenant. Also called its 'directory' ID. :param str client_id: the service principal's client ID diff --git a/sdk/identity/azure-identity/azure/identity/aio/_credentials/managed_identity.py b/sdk/identity/azure-identity/azure/identity/aio/_credentials/managed_identity.py index cf11359489cb..6305b11fc73c 100644 --- a/sdk/identity/azure-identity/azure/identity/aio/_credentials/managed_identity.py +++ b/sdk/identity/azure-identity/azure/identity/aio/_credentials/managed_identity.py @@ -26,6 +26,9 @@ class ManagedIdentityCredential(AsyncContextManager): This credential defaults to using a system-assigned identity. To configure a user-assigned identity, use one of the keyword arguments. + See Azure Active Directory documentation for more information about configuring managed identity for applications: + https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview + :keyword str client_id: a user-assigned identity's client ID. This is supported in all hosting environments. :keyword identity_config: a mapping ``{parameter_name: value}`` specifying a user-assigned identity by its object or resource ID, for example ``{"object_id": "..."}``. Check the documentation for your hosting environment to