AzureDeveloperCliCredential Class
Authenticates by requesting a token from the Azure Developer CLI.
Azure Developer CLI is a command-line interface tool that allows developers to create, manage, and deploy resources in Azure. It's built on top of the Azure CLI and provides additional functionality specific to Azure developers. It allows users to authenticate as a user and/or a service principal against Microsoft Entra ID. The AzureDeveloperCliCredential authenticates in a development environment and acquires a token on behalf of the logged-in user or service principal in Azure Developer CLI. It acts as the Azure Developer CLI logged-in user or service principal and executes an Azure CLI command underneath to authenticate the application against Microsoft Entra ID.
To use this credential, the developer needs to authenticate locally in Azure Developer CLI using one of the commands below:
Run "azd auth login" in Azure Developer CLI to authenticate interactively as a user.
Run "azd auth login –client-id 'client_id' –client-secret 'client_secret' –tenant-id 'tenant_id'" to authenticate as a service principal.
You may need to repeat this process after a certain time period, depending on the refresh token validity in your organization. Generally, the refresh token validity period is a few weeks to a few months. AzureDeveloperCliCredential will prompt you to sign in again.
- Inheritance
-
azure.identity.aio._internal.AsyncContextManagerAzureDeveloperCliCredential
Constructor
AzureDeveloperCliCredential(*, tenant_id: str = '', additionally_allowed_tenants: List[str] | None = None, process_timeout: int = 10)
Keyword-Only Parameters
Name | Description |
---|---|
tenant_id
|
Optional tenant to include in the token request. |
additionally_allowed_tenants
|
Specifies tenants in addition to the specified "tenant_id" for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application can access. |
process_timeout
|
Seconds to wait for the Azure Developer CLI process to respond. Defaults to 10 seconds. Default value: 10
|
Examples
Create an AzureDeveloperCliCredential.
from azure.identity.aio import AzureDeveloperCliCredential
credential = AzureDeveloperCliCredential()
Methods
close |
Calling this method is unnecessary |
get_token |
Request an access token for scopes. This method is called automatically by Azure SDK clients. Applications calling this method directly must also handle token caching because this credential doesn't cache the tokens it acquires. |
get_token_info |
Request an access token for scopes. This is an alternative to get_token to enable certain scenarios that require additional properties on the token. This method is called automatically by Azure SDK clients. Applications calling this method directly must also handle token caching because this credential doesn't cache the tokens it acquires. |
close
Calling this method is unnecessary
async close() -> None
get_token
Request an access token for scopes.
This method is called automatically by Azure SDK clients. Applications calling this method directly must also handle token caching because this credential doesn't cache the tokens it acquires.
async get_token(*scopes: str, claims: str | None = None, tenant_id: str | None = None, **kwargs: Any) -> AccessToken
Parameters
Name | Description |
---|---|
scopes
Required
|
desired scope for the access token. This credential allows only one scope per request. For more information about scopes, see https://learn.microsoft.com/entra/identity-platform/scopes-oidc. |
Keyword-Only Parameters
Name | Description |
---|---|
claims
|
not used by this credential; any value provided will be ignored. |
tenant_id
|
optional tenant to include in the token request. |
Returns
Type | Description |
---|---|
An access token with the desired scopes. |
Exceptions
Type | Description |
---|---|
the credential was unable to invoke the Azure Developer CLI. |
|
the credential invoked the Azure Developer CLI but didn't receive an access token. |
get_token_info
Request an access token for scopes.
This is an alternative to get_token to enable certain scenarios that require additional properties on the token. This method is called automatically by Azure SDK clients. Applications calling this method directly must also handle token caching because this credential doesn't cache the tokens it acquires.
async get_token_info(*scopes: str, options: TokenRequestOptions | None = None) -> AccessTokenInfo
Parameters
Name | Description |
---|---|
scopes
Required
|
desired scopes for the access token. This method requires at least one scope. For more information about scopes, see https://learn.microsoft.com/entra/identity-platform/scopes-oidc. |
Keyword-Only Parameters
Name | Description |
---|---|
options
|
A dictionary of options for the token request. Unknown options will be ignored. Optional. |
Returns
Type | Description |
---|---|
<xref:AccessTokenInfo>
|
An AccessTokenInfo instance containing information about the token. |
Exceptions
Type | Description |
---|---|
the credential was unable to invoke the Azure Developer CLI. |
|
the credential invoked the Azure Developer CLI but didn't receive an access token. |
Azure SDK for Python