Skip to content

{Core} Discard tenant_id in get_token #21244

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jiasli merged 1 commit into from
Feb 11, 2022
Merged

{Core} Discard tenant_id in get_token #21244

jiasli merged 1 commit into from
Feb 11, 2022

Conversation

@jiasli
Copy link
Member

@jiasli jiasli commented Feb 10, 2022

Description

azure-keyvault-keys==4.5.0b5 made a breaking change for authentication:

It uses azure-identity's new multi-tenant authentication API get_token(tenant_id=...) from

However, the current authentication of Azure CLI cannot handle get_token(tenant_id=...) because a credential inherits from an MSAL application, so tenant_id is fixed during the initialization of a credential/MSAL application. In order to support get_token(tenant_id=...), the MSAL application must be created during get_token, which requires a total overhaul of the authentication mechanism.

As currently Azure CLI can't automatically get an access token from another tenant for keyvault data-plane operations, we discard tenant_id in get_token so that there will be no behavior change while supporting azure-keyvault-keys==4.5.0b5.

Also see: #20880

@jiasli jiasli requested a review from yonzhan February 10, 2022 07:41
@yonzhan
Copy link
Collaborator

yonzhan commented Feb 10, 2022

Core

@yonzhan yonzhan added this to the Feb 2022 (2022-03-01) milestone Feb 10, 2022
@jiasli jiasli merged commit 1198dc0 into Azure:dev Feb 11, 2022
@jiasli jiasli deleted the tenant-id branch February 11, 2022 06:56
@jiasli jiasli mentioned this pull request Feb 14, 2022
Open
@jiasli jiasli mentioned this pull request Aug 10, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@evelyn-ys evelyn-ys evelyn-ys approved these changes

@calvinhzy calvinhzy Awaiting requested review from calvinhzy

@yonzhan yonzhan Awaiting requested review from yonzhan

Assignees

@jiasli jiasli

Labels

None yet

Projects

None yet

Milestone

Feb 2022 (2022-03-01)

Development

Successfully merging this pull request may close these issues.

3 participants

@jiasli @yonzhan @evelyn-ys