npm - @azure/identity - Versions diffs - 3.1.3-alpha.20230131.2 → 3.2.0-alpha.20230213.2 - Mend

@azure/identity 3.1.3-alpha.20230131.2 → 3.2.0-alpha.20230213.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @azure/identity might be problematic. Click here for more details.

Files changed (28) hide show

package/dist/index.js CHANGED Viewed

@@ -3,7 +3,7 @@
 Object.defineProperty(exports, '__esModule', { value: true });
 var msalNode = require('@azure/msal-node');
-var logger$m = require('@azure/logger');
+var logger$n = require('@azure/logger');
 var msalCommon = require('@azure/msal-common');
 var abortController = require('@azure/abort-controller');
 var coreUtil = require('@azure/core-util');
@@ -177,7 +177,7 @@ class AuthenticationRequiredError extends Error {
 /**
  * The AzureLogger used for all clients within the identity package
  */
-const logger$l = logger$m.createClientLogger("identity");
+const logger$m = logger$n.createClientLogger("identity");
 /**
  * Separates a list of environment variable names into a plain object with two arrays: an array of missing environment variables and another array with assigned environment variables.
  * @param supportedEnvVars - List of environment variable names
@@ -217,7 +217,7 @@ function formatError(scope, error) {
  *   `[title] => [message]`
  *
  */
-function credentialLoggerInstance(title, parent, log = logger$l) {
+function credentialLoggerInstance(title, parent, log = logger$m) {
     const fullTitle = parent ? `${parent.fullTitle} ${title}` : title;
     function info(message) {
         log.info(`${fullTitle} =>`, message);
@@ -246,7 +246,7 @@ function credentialLoggerInstance(title, parent, log = logger$l) {
  *   `[title] => getToken() => [message]`
  *
  */
-function credentialLogger(title, log = logger$l) {
+function credentialLogger(title, log = logger$m) {
     const credLogger = credentialLoggerInstance(title, undefined, log);
     return Object.assign(Object.assign({}, credLogger), { parent: log, getToken: credentialLoggerInstance("=> getToken()", credLogger, log) });
 }
@@ -256,7 +256,7 @@ function credentialLogger(title, log = logger$l) {
 /**
  * Current version of the `@azure/identity` package.
  */
-const SDK_VERSION = `3.1.3`;
+const SDK_VERSION = `3.2.0-beta.1`;
 /**
  * The default client ID for authentication
  * @internal
@@ -355,8 +355,8 @@ function getAuthority(tenantId, host) {
  * by sending it within the known authorities in the MSAL configuration.
  * @internal
  */
-function getKnownAuthorities(tenantId, authorityHost) {
-    if (tenantId === "adfs" && authorityHost) {
+function getKnownAuthorities(tenantId, authorityHost, disableInstanceDiscovery) {
+    if ((tenantId === "adfs" && authorityHost) || disableInstanceDiscovery) {
         return [authorityHost];
     }
     return [];
@@ -726,7 +726,7 @@ class IdentityClient extends coreClient.ServiceClient {
         this.allowLoggingAccountIdentifiers = (_b = options === null || options === void 0 ? void 0 : options.loggingOptions) === null || _b === void 0 ? void 0 : _b.allowLoggingAccountIdentifiers;
     }
     async sendTokenRequest(request) {
-        logger$l.info(`IdentityClient: sending token request to [${request.url}]`);
+        logger$m.info(`IdentityClient: sending token request to [${request.url}]`);
         const response = await this.sendRequest(request);
         if (response.bodyAsText && (response.status === 200 || response.status === 201)) {
             const parsedBody = JSON.parse(response.bodyAsText);
@@ -741,12 +741,12 @@ class IdentityClient extends coreClient.ServiceClient {
                 },
                 refreshToken: parsedBody.refresh_token,
             };
-            logger$l.info(`IdentityClient: [${request.url}] token acquired, expires on ${token.accessToken.expiresOnTimestamp}`);
+            logger$m.info(`IdentityClient: [${request.url}] token acquired, expires on ${token.accessToken.expiresOnTimestamp}`);
             return token;
         }
         else {
             const error = new AuthenticationError(response.status, response.bodyAsText);
-            logger$l.warning(`IdentityClient: authentication error. HTTP status: ${response.status}, ${error.errorResponse.errorDescription}`);
+            logger$m.warning(`IdentityClient: authentication error. HTTP status: ${response.status}, ${error.errorResponse.errorDescription}`);
             throw error;
         }
     }
@@ -754,7 +754,7 @@ class IdentityClient extends coreClient.ServiceClient {
         if (refreshToken === undefined) {
             return null;
         }
-        logger$l.info(`IdentityClient: refreshing access token with client ID: ${clientId}, scopes: ${scopes} started`);
+        logger$m.info(`IdentityClient: refreshing access token with client ID: ${clientId}, scopes: ${scopes} started`);
         const refreshParams = {
             grant_type: "refresh_token",
             client_id: clientId,
@@ -780,7 +780,7 @@ class IdentityClient extends coreClient.ServiceClient {
                     tracingOptions: updatedOptions.tracingOptions,
                 });
                 const response = await this.sendTokenRequest(request);
-                logger$l.info(`IdentityClient: refreshed token for client ID: ${clientId}`);
+                logger$m.info(`IdentityClient: refreshed token for client ID: ${clientId}`);
                 return response;
             }
             catch (err) {
@@ -789,11 +789,11 @@ class IdentityClient extends coreClient.ServiceClient {
                     // It's likely that the refresh token has expired, so
                     // return null so that the credential implementation will
                     // initiate the authentication flow again.
-                    logger$l.info(`IdentityClient: interaction required for client ID: ${clientId}`);
+                    logger$m.info(`IdentityClient: interaction required for client ID: ${clientId}`);
                     return null;
                 }
                 else {
-                    logger$l.warning(`IdentityClient: failed refreshing token for client ID: ${clientId}: ${err}`);
+                    logger$m.warning(`IdentityClient: failed refreshing token for client ID: ${clientId}: ${err}`);
                     throw err;
                 }
             }
@@ -895,10 +895,10 @@ class IdentityClient extends coreClient.ServiceClient {
             }
             const base64Metadata = accessToken.split(".")[1];
             const { appid, upn, tid, oid } = JSON.parse(Buffer.from(base64Metadata, "base64").toString("utf8"));
-            logger$l.info(`[Authenticated account] Client ID: ${appid}. Tenant ID: ${tid}. User Principal Name: ${upn || unavailableUpn}. Object ID (user): ${oid}`);
+            logger$m.info(`[Authenticated account] Client ID: ${appid}. Tenant ID: ${tid}. User Principal Name: ${upn || unavailableUpn}. Object ID (user): ${oid}`);
         }
         catch (e) {
-            logger$l.warning("allowLoggingAccountIdentifiers was set, but we couldn't log the account information. Error:", e.message);
+            logger$m.warning("allowLoggingAccountIdentifiers was set, but we couldn't log the account information. Error:", e.message);
         }
     }
 }
@@ -1088,7 +1088,7 @@ class MsalNode extends MsalBaseUtilities {
             auth: {
                 clientId,
                 authority,
-                knownAuthorities: getKnownAuthorities(tenantId, authority),
+                knownAuthorities: getKnownAuthorities(tenantId, authority, options.disableInstanceDiscovery),
                 clientCapabilities,
             },
             // Cache is defined in this.prepare();
@@ -1096,7 +1096,7 @@ class MsalNode extends MsalBaseUtilities {
                 networkClient: this.identityClient,
                 loggerOptions: {
                     loggerCallback: defaultLoggerCallback(options.logger),
-                    logLevel: getMSALLogLevel(logger$m.getLogLevel()),
+                    logLevel: getMSALLogLevel(logger$n.getLogLevel()),
                 },
             },
         };
@@ -1254,7 +1254,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
 // Copyright (c) Microsoft Corporation.
 const CommonTenantId = "common";
 const AzureAccountClientId = "aebc6443-996d-45c2-90f0-388ff96faa56"; // VSC: 'aebc6443-996d-45c2-90f0-388ff96faa56'
-const logger$k = credentialLogger("VisualStudioCodeCredential");
+const logger$l = credentialLogger("VisualStudioCodeCredential");
 let findCredentials = undefined;
 const vsCodeCredentialControl = {
     setVsCodeCredentialFinder(finder) {
@@ -1307,7 +1307,7 @@ function getPropertyFromVSCode(property) {
         }
     }
     catch (e) {
-        logger$k.info(`Failed to load the Visual Studio Code configuration file. Error: ${e.message}`);
+        logger$l.info(`Failed to load the Visual Studio Code configuration file. Error: ${e.message}`);
         return;
     }
 }
@@ -1340,7 +1340,7 @@ class VisualStudioCodeCredential {
         const authorityHost = mapVSCodeAuthorityHosts[this.cloudName];
         this.identityClient = new IdentityClient(Object.assign({ authorityHost }, options));
         if (options && options.tenantId) {
-            checkTenantId(logger$k, options.tenantId);
+            checkTenantId(logger$l, options.tenantId);
             this.tenantId = options.tenantId;
         }
         else {
@@ -1395,7 +1395,7 @@ class VisualStudioCodeCredential {
         // Check to make sure the scope we get back is a valid scope
         if (!scopeString.match(/^[0-9a-zA-Z-.:/]+$/)) {
             const error = new Error("Invalid scope was specified by the user or calling client");
-            logger$k.getToken.info(formatError(scopes, error));
+            logger$l.getToken.info(formatError(scopes, error));
             throw error;
         }
         if (scopeString.indexOf("offline_access") < 0) {
@@ -1415,18 +1415,18 @@ class VisualStudioCodeCredential {
         if (refreshToken) {
             const tokenResponse = await this.identityClient.refreshAccessToken(tenantId, AzureAccountClientId, scopeString, refreshToken, undefined);
             if (tokenResponse) {
-                logger$k.getToken.info(formatSuccess(scopes));
+                logger$l.getToken.info(formatSuccess(scopes));
                 return tokenResponse.accessToken;
             }
             else {
                 const error = new CredentialUnavailableError("Could not retrieve the token associated with Visual Studio Code. Have you connected using the 'Azure Account' extension recently? To troubleshoot, visit https://aka.ms/azsdk/js/identity/vscodecredential/troubleshoot.");
-                logger$k.getToken.info(formatError(scopes, error));
+                logger$l.getToken.info(formatError(scopes, error));
                 throw error;
             }
         }
         else {
             const error = new CredentialUnavailableError("Could not retrieve the token associated with Visual Studio Code. Did you connect using the 'Azure Account' extension? To troubleshoot, visit https://aka.ms/azsdk/js/identity/vscodecredential/troubleshoot.");
-            logger$k.getToken.info(formatError(scopes, error));
+            logger$l.getToken.info(formatError(scopes, error));
             throw error;
         }
     }
@@ -1475,7 +1475,7 @@ function useIdentityPlugin(plugin) {
 // Copyright (c) Microsoft Corporation.
 const msiName$6 = "ManagedIdentityCredential - AppServiceMSI 2017";
-const logger$j = credentialLogger(msiName$6);
+const logger$k = credentialLogger(msiName$6);
 /**
  * Generates the options used on the request for an access token.
  */
@@ -1515,22 +1515,22 @@ const appServiceMsi2017 = {
     async isAvailable({ scopes }) {
         const resource = mapScopesToResource(scopes);
         if (!resource) {
-            logger$j.info(`${msiName$6}: Unavailable. Multiple scopes are not supported.`);
+            logger$k.info(`${msiName$6}: Unavailable. Multiple scopes are not supported.`);
             return false;
         }
         const env = process.env;
         const result = Boolean(env.MSI_ENDPOINT && env.MSI_SECRET);
         if (!result) {
-            logger$j.info(`${msiName$6}: Unavailable. The environment variables needed are: MSI_ENDPOINT and MSI_SECRET.`);
+            logger$k.info(`${msiName$6}: Unavailable. The environment variables needed are: MSI_ENDPOINT and MSI_SECRET.`);
         }
         return result;
     },
     async getToken(configuration, getTokenOptions = {}) {
         const { identityClient, scopes, clientId, resourceId } = configuration;
         if (resourceId) {
-            logger$j.warning(`${msiName$6}: managed Identity by resource Id is not supported. Argument resourceId might be ignored by the service.`);
+            logger$k.warning(`${msiName$6}: managed Identity by resource Id is not supported. Argument resourceId might be ignored by the service.`);
         }
-        logger$j.info(`${msiName$6}: Using the endpoint and the secret coming form the environment variables: MSI_ENDPOINT=${process.env.MSI_ENDPOINT} and MSI_SECRET=[REDACTED].`);
+        logger$k.info(`${msiName$6}: Using the endpoint and the secret coming form the environment variables: MSI_ENDPOINT=${process.env.MSI_ENDPOINT} and MSI_SECRET=[REDACTED].`);
         const request = coreRestPipeline.createPipelineRequest(Object.assign(Object.assign({ abortSignal: getTokenOptions.abortSignal }, prepareRequestOptions$6(scopes, clientId)), {
             // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
             allowInsecureConnection: true }));
@@ -1541,7 +1541,7 @@ const appServiceMsi2017 = {
 // Copyright (c) Microsoft Corporation.
 const msiName$5 = "ManagedIdentityCredential - CloudShellMSI";
-const logger$i = credentialLogger(msiName$5);
+const logger$j = credentialLogger(msiName$5);
 /**
  * Generates the options used on the request for an access token.
  */
@@ -1583,24 +1583,24 @@ const cloudShellMsi = {
     async isAvailable({ scopes }) {
         const resource = mapScopesToResource(scopes);
         if (!resource) {
-            logger$i.info(`${msiName$5}: Unavailable. Multiple scopes are not supported.`);
+            logger$j.info(`${msiName$5}: Unavailable. Multiple scopes are not supported.`);
             return false;
         }
         const result = Boolean(process.env.MSI_ENDPOINT);
         if (!result) {
-            logger$i.info(`${msiName$5}: Unavailable. The environment variable MSI_ENDPOINT is needed.`);
+            logger$j.info(`${msiName$5}: Unavailable. The environment variable MSI_ENDPOINT is needed.`);
         }
         return result;
     },
     async getToken(configuration, getTokenOptions = {}) {
         const { identityClient, scopes, clientId, resourceId } = configuration;
         if (clientId) {
-            logger$i.warning(`${msiName$5}: user-assigned identities not supported. The argument clientId might be ignored by the service.`);
+            logger$j.warning(`${msiName$5}: user-assigned identities not supported. The argument clientId might be ignored by the service.`);
         }
         if (resourceId) {
-            logger$i.warning(`${msiName$5}: user defined managed Identity by resource Id not supported. The argument resourceId might be ignored by the service.`);
+            logger$j.warning(`${msiName$5}: user defined managed Identity by resource Id not supported. The argument resourceId might be ignored by the service.`);
         }
-        logger$i.info(`${msiName$5}: Using the endpoint coming form the environment variable MSI_ENDPOINT = ${process.env.MSI_ENDPOINT}.`);
+        logger$j.info(`${msiName$5}: Using the endpoint coming form the environment variable MSI_ENDPOINT = ${process.env.MSI_ENDPOINT}.`);
         const request = coreRestPipeline.createPipelineRequest(Object.assign(Object.assign({ abortSignal: getTokenOptions.abortSignal }, prepareRequestOptions$5(scopes, clientId, resourceId)), {
             // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
             allowInsecureConnection: true }));
@@ -1611,7 +1611,7 @@ const cloudShellMsi = {
 // Copyright (c) Microsoft Corporation.
 const msiName$4 = "ManagedIdentityCredential - IMDS";
-const logger$h = credentialLogger(msiName$4);
+const logger$i = credentialLogger(msiName$4);
 /**
  * Generates the options used on the request for an access token.
  */
@@ -1668,7 +1668,7 @@ const imdsMsi = {
     async isAvailable({ scopes, identityClient, clientId, resourceId, getTokenOptions = {}, }) {
         const resource = mapScopesToResource(scopes);
         if (!resource) {
-            logger$h.info(`${msiName$4}: Unavailable. Multiple scopes are not supported.`);
+            logger$i.info(`${msiName$4}: Unavailable. Multiple scopes are not supported.`);
             return false;
         }
         // if the PodIdentityEndpoint environment variable was set no need to probe the endpoint, it can be assumed to exist
@@ -1695,30 +1695,30 @@ const imdsMsi = {
             // This MSI uses the imdsEndpoint to get the token, which only uses http://
             request.allowInsecureConnection = true;
             try {
-                logger$h.info(`${msiName$4}: Pinging the Azure IMDS endpoint`);
+                logger$i.info(`${msiName$4}: Pinging the Azure IMDS endpoint`);
                 await identityClient.sendRequest(request);
             }
             catch (err) {
                 // If the request failed, or Node.js was unable to establish a connection,
                 // or the host was down, we'll assume the IMDS endpoint isn't available.
                 if (coreUtil.isError(err)) {
-                    logger$h.verbose(`${msiName$4}: Caught error ${err.name}: ${err.message}`);
+                    logger$i.verbose(`${msiName$4}: Caught error ${err.name}: ${err.message}`);
                 }
-                logger$h.info(`${msiName$4}: The Azure IMDS endpoint is unavailable`);
+                logger$i.info(`${msiName$4}: The Azure IMDS endpoint is unavailable`);
                 return false;
             }
             // If we received any response, the endpoint is available
-            logger$h.info(`${msiName$4}: The Azure IMDS endpoint is available`);
+            logger$i.info(`${msiName$4}: The Azure IMDS endpoint is available`);
             return true;
         });
     },
     async getToken(configuration, getTokenOptions = {}) {
         const { identityClient, scopes, clientId, resourceId } = configuration;
         if (process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST) {
-            logger$h.info(`${msiName$4}: Using the Azure IMDS endpoint coming from the environment variable AZURE_POD_IDENTITY_AUTHORITY_HOST=${process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST}.`);
+            logger$i.info(`${msiName$4}: Using the Azure IMDS endpoint coming from the environment variable AZURE_POD_IDENTITY_AUTHORITY_HOST=${process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST}.`);
         }
         else {
-            logger$h.info(`${msiName$4}: Using the default Azure IMDS endpoint ${imdsHost}.`);
+            logger$i.info(`${msiName$4}: Using the default Azure IMDS endpoint ${imdsHost}.`);
         }
         let nextDelayInMs = imdsMsiRetryConfig.startDelayInMs;
         for (let retries = 0; retries < imdsMsiRetryConfig.maxRetries; retries++) {
@@ -1742,7 +1742,7 @@ const imdsMsi = {
 // Copyright (c) Microsoft Corporation.
 const msiName$3 = "ManagedIdentityCredential - Azure Arc MSI";
-const logger$g = credentialLogger(msiName$3);
+const logger$h = credentialLogger(msiName$3);
 /**
  * Generates the options used on the request for an access token.
  */
@@ -1815,12 +1815,12 @@ const arcMsi = {
     async isAvailable({ scopes }) {
         const resource = mapScopesToResource(scopes);
         if (!resource) {
-            logger$g.info(`${msiName$3}: Unavailable. Multiple scopes are not supported.`);
+            logger$h.info(`${msiName$3}: Unavailable. Multiple scopes are not supported.`);
             return false;
         }
         const result = Boolean(process.env.IMDS_ENDPOINT && process.env.IDENTITY_ENDPOINT);
         if (!result) {
-            logger$g.info(`${msiName$3}: The environment variables needed are: IMDS_ENDPOINT and IDENTITY_ENDPOINT`);
+            logger$h.info(`${msiName$3}: The environment variables needed are: IMDS_ENDPOINT and IDENTITY_ENDPOINT`);
         }
         return result;
     },
@@ -1828,12 +1828,12 @@ const arcMsi = {
         var _a;
         const { identityClient, scopes, clientId, resourceId } = configuration;
         if (clientId) {
-            logger$g.warning(`${msiName$3}: user-assigned identities not supported. The argument clientId might be ignored by the service.`);
+            logger$h.warning(`${msiName$3}: user-assigned identities not supported. The argument clientId might be ignored by the service.`);
         }
         if (resourceId) {
-            logger$g.warning(`${msiName$3}: user defined managed Identity by resource Id is not supported. Argument resourceId will be ignored.`);
+            logger$h.warning(`${msiName$3}: user defined managed Identity by resource Id is not supported. Argument resourceId will be ignored.`);
         }
-        logger$g.info(`${msiName$3}: Authenticating.`);
+        logger$h.info(`${msiName$3}: Authenticating.`);
         const requestOptions = Object.assign(Object.assign({ disableJsonStringifyOnBody: true, deserializationMapper: undefined, abortSignal: getTokenOptions.abortSignal }, prepareRequestOptions$3(scopes, clientId, resourceId)), { allowInsecureConnection: true });
         const filePath = await filePathRequest(identityClient, requestOptions);
         if (!filePath) {
@@ -1851,7 +1851,7 @@ const arcMsi = {
 // Copyright (c) Microsoft Corporation.
 const msiName$2 = "ManagedIdentityCredential - Token Exchange";
-const logger$f = credentialLogger(msiName$2);
+const logger$g = credentialLogger(msiName$2);
 const readFileAsync$1 = util.promisify(fs__default["default"].readFile);
 /**
  * Generates the options used on the request for an access token.
@@ -1907,13 +1907,13 @@ function tokenExchangeMsi() {
             const env = process.env;
             const result = Boolean((clientId || env.AZURE_CLIENT_ID) && env.AZURE_TENANT_ID && azureFederatedTokenFilePath);
             if (!result) {
-                logger$f.info(`${msiName$2}: Unavailable. The environment variables needed are: AZURE_CLIENT_ID (or the client ID sent through the parameters), AZURE_TENANT_ID and AZURE_FEDERATED_TOKEN_FILE`);
+                logger$g.info(`${msiName$2}: Unavailable. The environment variables needed are: AZURE_CLIENT_ID (or the client ID sent through the parameters), AZURE_TENANT_ID and AZURE_FEDERATED_TOKEN_FILE`);
             }
             return result;
         },
         async getToken(configuration, getTokenOptions = {}) {
             const { identityClient, scopes, clientId } = configuration;
-            logger$f.info(`${msiName$2}: Using the client assertion coming from environment variables.`);
+            logger$g.info(`${msiName$2}: Using the client assertion coming from environment variables.`);
             let assertion;
             try {
                 assertion = await readAssertion();
@@ -1942,7 +1942,7 @@ function tokenExchangeMsi() {
 //   curl --insecure $IDENTITY_ENDPOINT'?api-version=2019-07-01-preview&resource=https://vault.azure.net/' -H "Secret: $IDENTITY_HEADER"
 //
 const msiName$1 = "ManagedIdentityCredential - Fabric MSI";
-const logger$e = credentialLogger(msiName$1);
+const logger$f = credentialLogger(msiName$1);
 /**
  * Generates the options used on the request for an access token.
  */
@@ -1985,22 +1985,22 @@ const fabricMsi = {
     async isAvailable({ scopes }) {
         const resource = mapScopesToResource(scopes);
         if (!resource) {
-            logger$e.info(`${msiName$1}: Unavailable. Multiple scopes are not supported.`);
+            logger$f.info(`${msiName$1}: Unavailable. Multiple scopes are not supported.`);
             return false;
         }
         const env = process.env;
         const result = Boolean(env.IDENTITY_ENDPOINT && env.IDENTITY_HEADER && env.IDENTITY_SERVER_THUMBPRINT);
         if (!result) {
-            logger$e.info(`${msiName$1}: Unavailable. The environment variables needed are: IDENTITY_ENDPOINT, IDENTITY_HEADER and IDENTITY_SERVER_THUMBPRINT`);
+            logger$f.info(`${msiName$1}: Unavailable. The environment variables needed are: IDENTITY_ENDPOINT, IDENTITY_HEADER and IDENTITY_SERVER_THUMBPRINT`);
         }
         return result;
     },
     async getToken(configuration, getTokenOptions = {}) {
         const { scopes, identityClient, clientId, resourceId } = configuration;
         if (resourceId) {
-            logger$e.warning(`${msiName$1}: user defined managed Identity by resource Id is not supported. Argument resourceId might be ignored by the service.`);
+            logger$f.warning(`${msiName$1}: user defined managed Identity by resource Id is not supported. Argument resourceId might be ignored by the service.`);
         }
-        logger$e.info([
+        logger$f.info([
             `${msiName$1}:`,
             "Using the endpoint and the secret coming from the environment variables:",
             `IDENTITY_ENDPOINT=${process.env.IDENTITY_ENDPOINT},`,
@@ -2020,7 +2020,7 @@ const fabricMsi = {
 // Copyright (c) Microsoft Corporation.
 const msiName = "ManagedIdentityCredential - AppServiceMSI 2019";
-const logger$d = credentialLogger(msiName);
+const logger$e = credentialLogger(msiName);
 /**
  * Generates the options used on the request for an access token.
  */
@@ -2063,19 +2063,19 @@ const appServiceMsi2019 = {
     async isAvailable({ scopes }) {
         const resource = mapScopesToResource(scopes);
         if (!resource) {
-            logger$d.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);
+            logger$e.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);
             return false;
         }
         const env = process.env;
         const result = Boolean(env.IDENTITY_ENDPOINT && env.IDENTITY_HEADER);
         if (!result) {
-            logger$d.info(`${msiName}: Unavailable. The environment variables needed are: IDENTITY_ENDPOINT and IDENTITY_HEADER.`);
+            logger$e.info(`${msiName}: Unavailable. The environment variables needed are: IDENTITY_ENDPOINT and IDENTITY_HEADER.`);
         }
         return result;
     },
     async getToken(configuration, getTokenOptions = {}) {
         const { identityClient, scopes, clientId, resourceId } = configuration;
-        logger$d.info(`${msiName}: Using the endpoint and the secret coming form the environment variables: IDENTITY_ENDPOINT=${process.env.IDENTITY_ENDPOINT} and IDENTITY_HEADER=[REDACTED].`);
+        logger$e.info(`${msiName}: Using the endpoint and the secret coming form the environment variables: IDENTITY_ENDPOINT=${process.env.IDENTITY_ENDPOINT} and IDENTITY_HEADER=[REDACTED].`);
         const request = coreRestPipeline.createPipelineRequest(Object.assign(Object.assign({ abortSignal: getTokenOptions.abortSignal }, prepareRequestOptions(scopes, clientId, resourceId)), {
             // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
             allowInsecureConnection: true }));
@@ -2085,7 +2085,7 @@ const appServiceMsi2019 = {
 };
 // Copyright (c) Microsoft Corporation.
-const logger$c = credentialLogger("ManagedIdentityCredential");
+const logger$d = credentialLogger("ManagedIdentityCredential");
 /**
  * Attempts authentication using a managed identity available at the deployment environment.
  * This authentication type works in Azure VMs, App Service instances, Azure Functions applications,
@@ -2206,10 +2206,10 @@ class ManagedIdentityCredential {
                     claims: options === null || options === void 0 ? void 0 : options.claims,
                 };
                 this.confidentialApp.SetAppTokenProvider(async (appTokenProviderParameters = appTokenParameters) => {
-                    logger$c.info(`SetAppTokenProvider invoked with parameters- ${JSON.stringify(appTokenProviderParameters)}`);
+                    logger$d.info(`SetAppTokenProvider invoked with parameters- ${JSON.stringify(appTokenProviderParameters)}`);
                     const resultToken = await this.authenticateManagedIdentity(scopes, Object.assign(Object.assign({}, updatedOptions), appTokenProviderParameters));
                     if (resultToken) {
-                        logger$c.info(`SetAppTokenProvider has saved the token in cache`);
+                        logger$d.info(`SetAppTokenProvider has saved the token in cache`);
                         const expiresInSeconds = (resultToken === null || resultToken === void 0 ? void 0 : resultToken.expiresOnTimestamp)
                             ? Math.floor((resultToken.expiresOnTimestamp - Date.now()) / 1000)
                             : 0;
@@ -2219,7 +2219,7 @@ class ManagedIdentityCredential {
                         };
                     }
                     else {
-                        logger$c.info(`SetAppTokenProvider token has "no_access_token_returned" as the saved token`);
+                        logger$d.info(`SetAppTokenProvider token has "no_access_token_returned" as the saved token`);
                         return {
                             accessToken: "no_access_token_returned",
                             expiresInSeconds: 0,
@@ -2236,7 +2236,7 @@ class ManagedIdentityCredential {
                     // It also means that the endpoint answered with either 200 or 201 (see the sendTokenRequest method),
                     // yet we had no access token. For this reason, we'll throw once with a specific message:
                     const error = new CredentialUnavailableError("The managed identity endpoint was reached, yet no tokens were received.");
-                    logger$c.getToken.info(formatError(scopes, error));
+                    logger$d.getToken.info(formatError(scopes, error));
                     throw error;
                 }
                 // Since `authenticateManagedIdentity` didn't throw, and the result was not null,
@@ -2248,10 +2248,10 @@ class ManagedIdentityCredential {
                 // We've previously determined that the endpoint was unavailable,
                 // either because it was unreachable or permanently unable to authenticate.
                 const error = new CredentialUnavailableError("The managed identity endpoint is not currently available");
-                logger$c.getToken.info(formatError(scopes, error));
+                logger$d.getToken.info(formatError(scopes, error));
                 throw error;
             }
-            logger$c.getToken.info(formatSuccess(scopes));
+            logger$d.getToken.info(formatSuccess(scopes));
             return result;
         }
         catch (err) {
@@ -2273,14 +2273,14 @@ class ManagedIdentityCredential {
             // we can safely assume the credential is unavailable.
             if (err.code === "ENETUNREACH") {
                 const error = new CredentialUnavailableError(`${ManagedIdentityCredential.name}: Unavailable. Network unreachable. Message: ${err.message}`);
-                logger$c.getToken.info(formatError(scopes, error));
+                logger$d.getToken.info(formatError(scopes, error));
                 throw error;
             }
             // If either the host was unreachable,
             // we can safely assume the credential is unavailable.
             if (err.code === "EHOSTUNREACH") {
                 const error = new CredentialUnavailableError(`${ManagedIdentityCredential.name}: Unavailable. No managed identity endpoint found. Message: ${err.message}`);
-                logger$c.getToken.info(formatError(scopes, error));
+                logger$d.getToken.info(formatError(scopes, error));
                 throw error;
             }
             // If err.statusCode has a value of 400, it comes from sendTokenRequest,
@@ -2311,7 +2311,7 @@ class ManagedIdentityCredential {
      */
     handleResult(scopes, result, getTokenOptions) {
         this.ensureValidMsalToken(scopes, result, getTokenOptions);
-        logger$c.getToken.info(formatSuccess(scopes));
+        logger$d.getToken.info(formatSuccess(scopes));
         return {
             token: result.accessToken,
             expiresOnTimestamp: result.expiresOn.getTime(),
@@ -2323,7 +2323,7 @@ class ManagedIdentityCredential {
      */
     ensureValidMsalToken(scopes, msalToken, getTokenOptions) {
         const error = (message) => {
-            logger$c.getToken.info(message);
+            logger$d.getToken.info(message);
             return new AuthenticationRequiredError({
                 scopes: Array.isArray(scopes) ? scopes : [scopes],
                 getTokenOptions,
@@ -2419,7 +2419,7 @@ const cliCredentialInternals = {
         });
     },
 };
-const logger$b = credentialLogger("AzureCliCredential");
+const logger$c = credentialLogger("AzureCliCredential");
 /**
  * This credential will use the currently logged-in user login information
  * via the Azure CLI ('az') commandline tool.
@@ -2450,8 +2450,8 @@ class AzureCliCredential {
     async getToken(scopes, options = {}) {
         const tenantId = processMultiTenantRequest(this.tenantId, options, this.additionallyAllowedTenantIds);
         const scope = typeof scopes === "string" ? scopes : scopes[0];
-        logger$b.getToken.info(`Using the scope ${scope}`);
-        ensureValidScope(scope, logger$b);
+        logger$c.getToken.info(`Using the scope ${scope}`);
+        ensureValidScope(scope, logger$c);
         const resource = getScopeResource(scope);
         return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {
             var _a, _b, _c, _d;
@@ -2462,18 +2462,18 @@ class AzureCliCredential {
                 const isNotInstallError = ((_c = obj.stderr) === null || _c === void 0 ? void 0 : _c.match("az:(.*)not found")) || ((_d = obj.stderr) === null || _d === void 0 ? void 0 : _d.startsWith("'az' is not recognized"));
                 if (isNotInstallError) {
                     const error = new CredentialUnavailableError("Azure CLI could not be found. Please visit https://aka.ms/azure-cli for installation instructions and then, once installed, authenticate to your Azure account using 'az login'.");
-                    logger$b.getToken.info(formatError(scopes, error));
+                    logger$c.getToken.info(formatError(scopes, error));
                     throw error;
                 }
                 if (isLoginError) {
                     const error = new CredentialUnavailableError("Please run 'az login' from a command prompt to authenticate before using this credential.");
-                    logger$b.getToken.info(formatError(scopes, error));
+                    logger$c.getToken.info(formatError(scopes, error));
                     throw error;
                 }
                 try {
                     const responseData = obj.stdout;
                     const response = JSON.parse(responseData);
-                    logger$b.getToken.info(formatSuccess(scopes));
+                    logger$c.getToken.info(formatSuccess(scopes));
                     const returnValue = {
                         token: response.accessToken,
                         expiresOnTimestamp: new Date(response.expiresOn).getTime(),
@@ -2491,7 +2491,7 @@ class AzureCliCredential {
                 const error = err.name === "CredentialUnavailableError"
                     ? err
                     : new CredentialUnavailableError(err.message || "Unknown error while trying to retrieve the access token");
-                logger$b.getToken.info(formatError(scopes, error));
+                logger$c.getToken.info(formatError(scopes, error));
                 throw error;
             }
         });
@@ -2529,7 +2529,7 @@ const processUtils = {
 };
 // Copyright (c) Microsoft Corporation.
-const logger$a = credentialLogger("AzurePowerShellCredential");
+const logger$b = credentialLogger("AzurePowerShellCredential");
 const isWindows = process.platform === "win32";
 /**
  * Returns a platform-appropriate command name by appending ".exe" on Windows.
@@ -2661,12 +2661,12 @@ class AzurePowerShellCredential {
         return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {
             const tenantId = processMultiTenantRequest(this.tenantId, options, this.additionallyAllowedTenantIds);
             const scope = typeof scopes === "string" ? scopes : scopes[0];
-            ensureValidScope(scope, logger$a);
-            logger$a.getToken.info(`Using the scope ${scope}`);
+            ensureValidScope(scope, logger$b);
+            logger$b.getToken.info(`Using the scope ${scope}`);
             const resource = getScopeResource(scope);
             try {
                 const response = await this.getAzurePowerShellAccessToken(resource, tenantId);
-                logger$a.getToken.info(formatSuccess(scopes));
+                logger$b.getToken.info(formatSuccess(scopes));
                 return {
                     token: response.Token,
                     expiresOnTimestamp: new Date(response.ExpiresOn).getTime(),
@@ -2675,16 +2675,16 @@ class AzurePowerShellCredential {
             catch (err) {
                 if (isNotInstalledError(err)) {
                     const error = new CredentialUnavailableError(powerShellPublicErrorMessages.installed);
-                    logger$a.getToken.info(formatError(scope, error));
+                    logger$b.getToken.info(formatError(scope, error));
                     throw error;
                 }
                 else if (isLoginError(err)) {
                     const error = new CredentialUnavailableError(powerShellPublicErrorMessages.login);
-                    logger$a.getToken.info(formatError(scope, error));
+                    logger$b.getToken.info(formatError(scope, error));
                     throw error;
                 }
                 const error = new CredentialUnavailableError(`${err}. ${powerShellPublicErrorMessages.troubleshoot}`);
-                logger$a.getToken.info(formatError(scope, error));
+                logger$b.getToken.info(formatError(scope, error));
                 throw error;
             }
         });
@@ -2695,7 +2695,7 @@ class AzurePowerShellCredential {
 /**
  * @internal
  */
-const logger$9 = credentialLogger("ChainedTokenCredential");
+const logger$a = credentialLogger("ChainedTokenCredential");
 /**
  * Enables multiple `TokenCredential` implementations to be tried in order
  * until one of the getToken methods returns an access token.
@@ -2746,17 +2746,17 @@ class ChainedTokenCredential {
                         errors.push(err);
                     }
                     else {
-                        logger$9.getToken.info(formatError(scopes, err));
+                        logger$a.getToken.info(formatError(scopes, err));
                         throw err;
                     }
                 }
             }
             if (!token && errors.length > 0) {
                 const err = new AggregateAuthenticationError(errors, "ChainedTokenCredential authentication failed.");
-                logger$9.getToken.info(formatError(scopes, err));
+                logger$a.getToken.info(formatError(scopes, err));
                 throw err;
             }
-            logger$9.getToken.info(`Result for ${successfulCredentialName}: ${formatSuccess(scopes)}`);
+            logger$a.getToken.info(`Result for ${successfulCredentialName}: ${formatSuccess(scopes)}`);
             if (token === null) {
                 throw new CredentialUnavailableError("Failed to retrieve a valid token");
             }
@@ -2872,7 +2872,7 @@ class MsalClientCertificate extends MsalNode {
 // Copyright (c) Microsoft Corporation.
 const credentialName$2 = "ClientCertificateCredential";
-const logger$8 = credentialLogger(credentialName$2);
+const logger$9 = credentialLogger(credentialName$2);
 /**
  * Enables authentication to Azure Active Directory using a PEM-encoded
  * certificate that is assigned to an App Registration. More information
@@ -2903,7 +2903,7 @@ class ClientCertificateCredential {
             throw new Error(`${credentialName$2}: To avoid unexpected behaviors, providing both the contents of a PEM certificate and the path to a PEM certificate is forbidden. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot.`);
         }
         this.msalFlow = new MsalClientCertificate(Object.assign(Object.assign({}, options), { configuration,
-            logger: logger$8,
+            logger: logger$9,
             clientId,
             tenantId, sendCertificateChain: options.sendCertificateChain, tokenCredentialOptions: options }));
     }
@@ -2955,7 +2955,7 @@ class MsalClientSecret extends MsalNode {
 }
 // Copyright (c) Microsoft Corporation.
-const logger$7 = credentialLogger("ClientSecretCredential");
+const logger$8 = credentialLogger("ClientSecretCredential");
 /**
  * Enables authentication to Azure Active Directory using a client secret
  * that was generated for an App Registration. More information on how
@@ -2981,7 +2981,7 @@ class ClientSecretCredential {
         }
         this.tenantId = tenantId;
         this.additionallyAllowedTenantIds = resolveAddionallyAllowedTenantIds(options === null || options === void 0 ? void 0 : options.additionallyAllowedTenants);
-        this.msalFlow = new MsalClientSecret(Object.assign(Object.assign({}, options), { logger: logger$7,
+        this.msalFlow = new MsalClientSecret(Object.assign(Object.assign({}, options), { logger: logger$8,
             clientId,
             tenantId,
             clientSecret, tokenCredentialOptions: options }));
@@ -3034,7 +3034,7 @@ class MsalUsernamePassword extends MsalNode {
 }
 // Copyright (c) Microsoft Corporation.
-const logger$6 = credentialLogger("UsernamePasswordCredential");
+const logger$7 = credentialLogger("UsernamePasswordCredential");
 /**
  * Enables authentication to Azure Active Directory with a user's
  * username and password. This credential requires a high degree of
@@ -3059,7 +3059,7 @@ class UsernamePasswordCredential {
         }
         this.tenantId = tenantId;
         this.additionallyAllowedTenantIds = resolveAddionallyAllowedTenantIds(options === null || options === void 0 ? void 0 : options.additionallyAllowedTenants);
-        this.msalFlow = new MsalUsernamePassword(Object.assign(Object.assign({}, options), { logger: logger$6,
+        this.msalFlow = new MsalUsernamePassword(Object.assign(Object.assign({}, options), { logger: logger$7,
             clientId,
             tenantId,
             username,
@@ -3110,7 +3110,7 @@ function getAdditionallyAllowedTenants() {
     return additionallyAllowedValues.split(";");
 }
 const credentialName$1 = "EnvironmentCredential";
-const logger$5 = credentialLogger(credentialName$1);
+const logger$6 = credentialLogger(credentialName$1);
 /**
  * Enables authentication to Azure Active Directory using a client secret or certificate, or as a user
  * with a username and password.
@@ -3144,29 +3144,29 @@ class EnvironmentCredential {
         // Keep track of any missing environment variables for error details
         this._credential = undefined;
         const assigned = processEnvVars(AllSupportedEnvironmentVariables).assigned.join(", ");
-        logger$5.info(`Found the following environment variables: ${assigned}`);
+        logger$6.info(`Found the following environment variables: ${assigned}`);
         const tenantId = process.env.AZURE_TENANT_ID, clientId = process.env.AZURE_CLIENT_ID, clientSecret = process.env.AZURE_CLIENT_SECRET;
         const additionallyAllowedTenantIds = getAdditionallyAllowedTenants();
         const newOptions = Object.assign(Object.assign({}, options), { additionallyAllowedTenantIds });
         if (tenantId) {
-            checkTenantId(logger$5, tenantId);
+            checkTenantId(logger$6, tenantId);
         }
         if (tenantId && clientId && clientSecret) {
-            logger$5.info(`Invoking ClientSecretCredential with tenant ID: ${tenantId}, clientId: ${clientId} and clientSecret: [REDACTED]`);
+            logger$6.info(`Invoking ClientSecretCredential with tenant ID: ${tenantId}, clientId: ${clientId} and clientSecret: [REDACTED]`);
             this._credential = new ClientSecretCredential(tenantId, clientId, clientSecret, newOptions);
             return;
         }
         const certificatePath = process.env.AZURE_CLIENT_CERTIFICATE_PATH;
         const certificatePassword = process.env.AZURE_CLIENT_CERTIFICATE_PASSWORD;
         if (tenantId && clientId && certificatePath) {
-            logger$5.info(`Invoking ClientCertificateCredential with tenant ID: ${tenantId}, clientId: ${clientId} and certificatePath: ${certificatePath}`);
+            logger$6.info(`Invoking ClientCertificateCredential with tenant ID: ${tenantId}, clientId: ${clientId} and certificatePath: ${certificatePath}`);
             this._credential = new ClientCertificateCredential(tenantId, clientId, { certificatePath, certificatePassword }, newOptions);
             return;
         }
         const username = process.env.AZURE_USERNAME;
         const password = process.env.AZURE_PASSWORD;
         if (tenantId && clientId && username && password) {
-            logger$5.info(`Invoking UsernamePasswordCredential with tenant ID: ${tenantId}, clientId: ${clientId} and username: ${username}`);
+            logger$6.info(`Invoking UsernamePasswordCredential with tenant ID: ${tenantId}, clientId: ${clientId} and username: ${username}`);
             this._credential = new UsernamePasswordCredential(tenantId, clientId, username, password, newOptions);
         }
     }
@@ -3181,7 +3181,7 @@ class EnvironmentCredential {
             if (this._credential) {
                 try {
                     const result = await this._credential.getToken(scopes, newOptions);
-                    logger$5.getToken.info(formatSuccess(scopes));
+                    logger$6.getToken.info(formatSuccess(scopes));
                     return result;
                 }
                 catch (err) {
@@ -3189,7 +3189,7 @@ class EnvironmentCredential {
                         error: `${credentialName$1} authentication failed. To troubleshoot, visit https://aka.ms/azsdk/js/identity/environmentcredential/troubleshoot.`,
                         error_description: err.message.toString().split("More details:").join(""),
                     });
-                    logger$5.getToken.info(formatError(scopes, authenticationError));
+                    logger$6.getToken.info(formatError(scopes, authenticationError));
                     throw authenticationError;
                 }
             }
@@ -3198,6 +3198,136 @@ class EnvironmentCredential {
     }
 }
+// Copyright (c) Microsoft Corporation.
+/**
+ * Mockable reference to the Developer CLI credential cliCredentialFunctions
+ * @internal
+ */
+const developerCliCredentialInternals = {
+    /**
+     * @internal
+     */
+    getSafeWorkingDir() {
+        if (process.platform === "win32") {
+            if (!process.env.SystemRoot) {
+                throw new Error("Azure Developer CLI credential expects a 'SystemRoot' environment variable");
+            }
+            return process.env.SystemRoot;
+        }
+        else {
+            return "/bin";
+        }
+    },
+    /**
+     * Gets the access token from Azure Developer CLI
+     * @param scopes - The scopes to use when getting the token
+     * @internal
+     */
+    async getAzdAccessToken(scopes, tenantId) {
+        let tenantSection = [];
+        if (tenantId) {
+            tenantSection = ["--tenant-id", tenantId];
+        }
+        return new Promise((resolve, reject) => {
+            try {
+                child_process__default["default"].execFile("azd", [
+                    "auth",
+                    "token",
+                    "--output",
+                    "json",
+                    ...scopes.reduce((previous, current) => previous.concat("--scope", current), []),
+                    ...tenantSection,
+                ], { cwd: developerCliCredentialInternals.getSafeWorkingDir(), shell: true }, (error, stdout, stderr) => {
+                    resolve({ stdout, stderr, error });
+                });
+            }
+            catch (err) {
+                reject(err);
+            }
+        });
+    },
+};
+const logger$5 = credentialLogger("AzureDeveloperCliCredential");
+/**
+ * This credential will use the currently logged-in user login information
+ * via the Azure Developer CLI ('az') commandline tool.
+ * To do so, it will read the user access token and expire time
+ * with Azure Developer CLI command "azd auth token".
+ */
+class AzureDeveloperCliCredential {
+    /**
+     * Creates an instance of the {@link AzureDeveloperCliCredential}.
+     *
+     * To use this credential, ensure that you have already logged
+     * in via the 'azd' tool using the command "azd login" from the commandline.
+     *
+     * @param options - Options, to optionally allow multi-tenant requests.
+     */
+    constructor(options) {
+        this.tenantId = options === null || options === void 0 ? void 0 : options.tenantId;
+        this.additionallyAllowedTenantIds = resolveAddionallyAllowedTenantIds(options === null || options === void 0 ? void 0 : options.additionallyAllowedTenants);
+    }
+    /**
+     * Authenticates with Azure Active Directory and returns an access token if successful.
+     * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.
+     *
+     * @param scopes - The list of scopes for which the token will have access.
+     * @param options - The options used to configure any requests this
+     *                TokenCredential implementation might make.
+     */
+    async getToken(scopes, options = {}) {
+        const tenantId = processMultiTenantRequest(this.tenantId, options, this.additionallyAllowedTenantIds);
+        let scopeList;
+        if (typeof scopes === "string") {
+            scopeList = [scopes];
+        }
+        else {
+            scopeList = scopes;
+        }
+        logger$5.getToken.info(`Using the scopes ${scopes}`);
+        return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {
+            var _a, _b, _c;
+            try {
+                const obj = await developerCliCredentialInternals.getAzdAccessToken(scopeList, tenantId);
+                const isNotLoggedInError = (_a = obj.stderr) === null || _a === void 0 ? void 0 : _a.match("not logged in, run `azd login` to login");
+                const isNotInstallError = ((_b = obj.stderr) === null || _b === void 0 ? void 0 : _b.match("azd:(.*)not found")) ||
+                    ((_c = obj.stderr) === null || _c === void 0 ? void 0 : _c.startsWith("'azd' is not recognized"));
+                if (isNotInstallError || (obj.error && obj.error.code === "ENOENT")) {
+                    const error = new CredentialUnavailableError("Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then, once installed, authenticate to your Azure account using 'azd login'.");
+                    logger$5.getToken.info(formatError(scopes, error));
+                    throw error;
+                }
+                if (isNotLoggedInError) {
+                    const error = new CredentialUnavailableError("Please run 'azd login' from a command prompt to authenticate before using this credential.");
+                    logger$5.getToken.info(formatError(scopes, error));
+                    throw error;
+                }
+                try {
+                    const resp = JSON.parse(obj.stdout);
+                    logger$5.getToken.info(formatSuccess(scopes));
+                    return {
+                        token: resp.token,
+                        expiresOnTimestamp: new Date(resp.expiresOn).getTime(),
+                    };
+                }
+                catch (e) {
+                    if (obj.stderr) {
+                        throw new CredentialUnavailableError(obj.stderr);
+                    }
+                    throw e;
+                }
+            }
+            catch (err) {
+                const error = err.name === "CredentialUnavailableError"
+                    ? err
+                    : new CredentialUnavailableError(err.message || "Unknown error while trying to retrieve the access token");
+                logger$5.getToken.info(formatError(scopes, error));
+                throw error;
+            }
+        });
+    }
+}
 // Copyright (c) Microsoft Corporation.
 /**
  * A shim around ManagedIdentityCredential that adapts it to accept
@@ -3229,6 +3359,7 @@ class DefaultManagedIdentityCredential extends ManagedIdentityCredential {
 const defaultCredentials = [
     EnvironmentCredential,
     DefaultManagedIdentityCredential,
+    AzureDeveloperCliCredential,
     AzureCliCredential,
     AzurePowerShellCredential,
 ];
@@ -3880,7 +4011,7 @@ exports.UsernamePasswordCredential = UsernamePasswordCredential;
 exports.VisualStudioCodeCredential = VisualStudioCodeCredential;
 exports.deserializeAuthenticationRecord = deserializeAuthenticationRecord;
 exports.getDefaultAzureCredential = getDefaultAzureCredential;
-exports.logger = logger$l;
+exports.logger = logger$m;
 exports.serializeAuthenticationRecord = serializeAuthenticationRecord;
 exports.useIdentityPlugin = useIdentityPlugin;
 //# sourceMappingURL=index.js.map