Skip to content

For service principal authentication, replace --username with --client-id, replace --password with --client-secret, --certificate #29481

New issue
New issue
Closed
Closed
For service principal authentication, replace --username with --client-id, replace --password with --client-secret, --certificate#29481
Assignees
jiasli
Labels
Accountaz login/accountAuto-AssignAuto assign by botAzure CLI TeamThe command of the issue is owned by Azure CLI teamOKR CandidateThis label is used to track how many GitHub issues we have resolved for OKR purpose.feature-request
Milestone
Backlog
@jiasli

Description

@jiasli
jiasli
opened on Jul 26, 2024

Related command
az login --identity

Is your feature request related to a problem? Please describe.
Azure CLI uses below arguments for service principal authentication:

  • --username: client ID
  • --password: client secret or certificate

such as

az login --service-principal --username xxx --password xxx --tenant xxx

These arguments are also used in user authentication:

az login --username xxx --password xxx --tenant xxx

Reusing --username and --password for both user and service principal authentication can be confusing.

Describe the solution you'd like
To be consistent with OAuth 2.0 client credentials flow parameters,

  • Replace --username with --client-id
  • Replace --password with --client-secret, --certificate

When supporting OIDC authentication, --federated-token is introduced, instead of reusing --password.

Describe alternatives you've considered

Additional context
--identity may require similar changes: #29480

Metadata

Metadata

Assignees

Labels

Accountaz login/accountAuto-AssignAuto assign by botAzure CLI TeamThe command of the issue is owned by Azure CLI teamOKR CandidateThis label is used to track how many GitHub issues we have resolved for OKR purpose.feature-request

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions