Page should define MSAPassThrough #3670
Comments
|
@jsquire - MSA is the internal name we use for "Personal accounts" aka "Microsoft accounts" aka outlook.com, hotmail.com, live.com etc. This is contrast with AAD accounts, which are "work and school" accounts. Some resources, notably ARM and AzureDevOps do not accept tokens from MSA accounts. So if you want your app to access AzureDevOps API for an MSA account, you'll get some error. However, you'll notice that you can actually login from Visual Studio into AzureDevOps with an MSA account and perform operations there. This is because Microsoft has a solution for this problem called MSA-passthrough. It hides the MSA accounts as guests in an AAD tenant, so the tokens appear as being AAD tokens. The solution was deemed to be too complex and fragile to fully productize and we're working with resource providers to fully support MSA tokens. ARM and AzureDevOps are, I believe, the last 2 RPs that have not done the work yet. We will hide this API. |
|
@bgavrilMS - Please be aware that my role was only to triage/transfer this from the Azure SDK repository. You'll want to engage @edwardskrod for discussion, as they opened the issue that was transferred. |
Issue Transfer
This issue has been transferred from the Azure SDK for .NET repository, #31140.
Please be aware that @edwardskrod is the author of the original issue and include them for any questions or replies.
Details
I came to the page to figure out what this property does and is used for. The current description didn't help much. What is MSA? Why do Legacy Applications need it?
More information to help the developer make an informed decision would be super useful.
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
The text was updated successfully, but these errors were encountered: