Share via


CredentialDescription.ManagedIdentityClientId Property

Definition

When SourceType is SignedAssertionFromManagedIdentity, it specifies the client ID of the Azure user-assigned managed identity used to provide a signed assertion to act as a client credential for the application. This requires that the application is deployed on Azure, that the managed identity is configured, and that workload identity federation with the managed identity is declared in the application registration. For details, see https://learn.microsoft.com/azure/active-directory/workload-identities/workload-identity-federation.

public string? ManagedIdentityClientId { get; set; }
member this.ManagedIdentityClientId : string with get, set
Public Property ManagedIdentityClientId As String

Property Value

Examples

The JSON fragment below describes a workload identity federation with a user assigned managed identity:

{
    "ClientCredentials": [
    {
        "SourceType": "SignedAssertionFromManagedIdentity",
        "ManagedIdentityClientId": "12345"
    }]
}

The code below describes programmatically in C#, the same workload identity federation with a user assigned managed identity.

CredentialDescription credentialDescription = new CredentialDescription
{
    SourceType = CredentialSource.SignedAssertionFromManagedIdentity,
    ManagedIdentityClientId = "12345" // optional
};

Remarks

If you want to use the system-assigned managed identity, just use SourceType = SignedAssertionFromManagedIdentity and don't provide a managed identity client ID.

Applies to