@azure/identity 4.5.0-alpha.20240917.2 → 4.5.0-alpha.20240926.2

Sign up to get free protection for your applications and to get access to all the features.
package/README.md CHANGED
@@ -157,19 +157,14 @@ You can find more examples of using various credentials in [Azure Identity Examp
157
157
 
158
158
  This example demonstrates authenticating the `KeyClient` from the [@azure/keyvault-keys](https://www.npmjs.com/package/@azure/keyvault-keys) client library using `DefaultAzureCredential`.
159
159
 
160
- ```javascript
161
- // The default credential first checks environment variables for configuration as described above.
162
- // If environment configuration is incomplete, it will try managed identity.
163
-
164
- // Azure Key Vault service to use
165
- import { KeyClient } from "@azure/keyvault-keys";
166
-
167
- // Azure authentication library to access Azure Key Vault
160
+ ```ts snippet:defaultazurecredential_authenticate
168
161
  import { DefaultAzureCredential } from "@azure/identity";
162
+ import { KeyClient } from "@azure/keyvault-keys";
169
163
 
164
+ // Configure vault URL
165
+ const vaultUrl = "https://<your-unique-keyvault-name>.vault.azure.net";
170
166
  // Azure SDK clients accept the credential as a parameter
171
167
  const credential = new DefaultAzureCredential();
172
-
173
168
  // Create authenticated client
174
169
  const client = new KeyClient(vaultUrl, credential);
175
170
  ```
@@ -182,17 +177,23 @@ A relatively common scenario involves authenticating using a user-assigned manag
182
177
 
183
178
  While `DefaultAzureCredential` is generally the quickest way to get started developing applications for Azure, more advanced users may want to customize the credentials considered when authenticating. The `ChainedTokenCredential` enables users to combine multiple credential instances to define a customized chain of credentials. This example demonstrates creating a `ChainedTokenCredential` that attempts to authenticate using two differently configured instances of `ClientSecretCredential`, to then authenticate the `KeyClient` from the [@azure/keyvault-keys](https://www.npmjs.com/package/@azure/keyvault-keys):
184
179
 
185
- ```typescript
180
+ ```ts snippet:chaintedtokencredential_authenticate
186
181
  import { ClientSecretCredential, ChainedTokenCredential } from "@azure/identity";
182
+ import { KeyClient } from "@azure/keyvault-keys";
187
183
 
184
+ // Configure variables
185
+ const vaultUrl = "https://<your-unique-keyvault-name>.vault.azure.net";
186
+ const tenantId = "<tenant-id>";
187
+ const clientId = "<client-id>";
188
+ const clientSecret = "<client-secret>";
189
+ const anotherClientId = "<another-client-id>";
190
+ const anotherSecret = "<another-client-secret>";
188
191
  // When an access token is requested, the chain will try each
189
192
  // credential in order, stopping when one provides a token
190
193
  const firstCredential = new ClientSecretCredential(tenantId, clientId, clientSecret);
191
194
  const secondCredential = new ClientSecretCredential(tenantId, anotherClientId, anotherSecret);
192
195
  const credentialChain = new ChainedTokenCredential(firstCredential, secondCredential);
193
-
194
196
  // The chain can be used anywhere a credential is required
195
- import { KeyClient } from "@azure/keyvault-keys";
196
197
  const client = new KeyClient(vaultUrl, credentialChain);
197
198
  ```
198
199
 
@@ -214,15 +215,16 @@ For examples of how to use managed identity for authentication, see [the example
214
215
 
215
216
  Credentials default to authenticating to the Microsoft Entra endpoint for Azure Public Cloud. To access resources in other clouds, such as Azure Government or a private cloud, configure credentials with the `authorityHost` argument in the constructor. The [`AzureAuthorityHosts`][authority_hosts] enum defines authorities for well-known clouds. For the US Government cloud, you could instantiate a credential this way:
216
217
 
217
- ```typescript
218
- import { AzureAuthorityHosts, ClientSecretCredential } from "@azure/identity";
218
+ ```ts snippet:cloudconfiguration_authenticate
219
+ import { ClientSecretCredential, AzureAuthorityHosts } from "@azure/identity";
220
+
219
221
  const credential = new ClientSecretCredential(
220
222
  "<YOUR_TENANT_ID>",
221
223
  "<YOUR_CLIENT_ID>",
222
224
  "<YOUR_CLIENT_SECRET>",
223
225
  {
224
226
  authorityHost: AzureAuthorityHosts.AzureGovernment,
225
- }
227
+ },
226
228
  );
227
229
  ```
228
230
 
@@ -234,15 +236,16 @@ AZURE_AUTHORITY_HOST=https://login.partner.microsoftonline.cn
234
236
 
235
237
  The `AzureAuthorityHosts` enum defines authorities for well-known clouds for your convenience; however, if the authority for your cloud isn't listed in `AzureAuthorityHosts`, you may pass any valid authority URL as a string argument. For example:
236
238
 
237
- ```typescript
238
- import { AzureAuthorityHosts, ClientSecretCredential } from "@azure/identity";
239
+ ```ts snippet:cloudconfiguration_authorityhost
240
+ import { ClientSecretCredential } from "@azure/identity";
241
+
239
242
  const credential = new ClientSecretCredential(
240
243
  "<YOUR_TENANT_ID>",
241
244
  "<YOUR_CLIENT_ID>",
242
245
  "<YOUR_CLIENT_SECRET>",
243
246
  {
244
247
  authorityHost: "https://login.partner.microsoftonline.cn",
245
- }
248
+ },
246
249
  );
247
250
  ```
248
251
 
package/dist/index.js CHANGED
@@ -1017,18 +1017,16 @@ const pluginContext = {
1017
1017
  *
1018
1018
  * Example:
1019
1019
  *
1020
- * ```javascript
1021
- * import { cachePersistencePlugin } from "@azure/identity-cache-persistence";
1020
+ * ```ts snippet:consumer_example
1021
+ * import { useIdentityPlugin, DeviceCodeCredential } from "@azure/identity";
1022
1022
  *
1023
- * import { useIdentityPlugin, DefaultAzureCredential } from "@azure/identity";
1024
1023
  * useIdentityPlugin(cachePersistencePlugin);
1025
- *
1026
- * // The plugin has the capability to extend `DefaultAzureCredential` and to
1024
+ * // The plugin has the capability to extend `DeviceCodeCredential` and to
1027
1025
  * // add middleware to the underlying credentials, such as persistence.
1028
- * const credential = new DefaultAzureCredential({
1026
+ * const credential = new DeviceCodeCredential({
1029
1027
  * tokenCachePersistenceOptions: {
1030
- * enabled: true
1031
- * }
1028
+ * enabled: true,
1029
+ * },
1032
1030
  * });
1033
1031
  * ```
1034
1032
  *
@@ -3061,7 +3059,14 @@ class ChainedTokenCredential {
3061
3059
  * @param sources - `TokenCredential` implementations to be tried in order.
3062
3060
  *
3063
3061
  * Example usage:
3064
- * ```javascript
3062
+ * ```ts snippet:chained_token_credential_example
3063
+ * import { ClientSecretCredential, ChainedTokenCredential } from "@azure/identity";
3064
+ *
3065
+ * const tenantId = "<tenant-id>";
3066
+ * const clientId = "<client-id>";
3067
+ * const clientSecret = "<client-secret>";
3068
+ * const anotherClientId = "<another-client-id>";
3069
+ * const anotherSecret = "<another-client-secret>";
3065
3070
  * const firstCredential = new ClientSecretCredential(tenantId, clientId, clientSecret);
3066
3071
  * const secondCredential = new ClientSecretCredential(tenantId, anotherClientId, anotherSecret);
3067
3072
  * const credentialChain = new ChainedTokenCredential(firstCredential, secondCredential);
@@ -3725,13 +3730,15 @@ class DeviceCodeCredential {
3725
3730
  *
3726
3731
  * Developers can configure how this message is shown by passing a custom `userPromptCallback`:
3727
3732
  *
3728
- * ```js
3733
+ * ```ts snippet:device_code_credential_example
3734
+ * import { DeviceCodeCredential } from "@azure/identity";
3735
+ *
3729
3736
  * const credential = new DeviceCodeCredential({
3730
- * tenantId: env.AZURE_TENANT_ID,
3731
- * clientId: env.AZURE_CLIENT_ID,
3737
+ * tenantId: process.env.AZURE_TENANT_ID,
3738
+ * clientId: process.env.AZURE_CLIENT_ID,
3732
3739
  * userPromptCallback: (info) => {
3733
3740
  * console.log("CUSTOMIZED PROMPT CALLBACK", info.message);
3734
- * }
3741
+ * },
3735
3742
  * });
3736
3743
  * ```
3737
3744
  *
@@ -4072,14 +4079,14 @@ class OnBehalfOfCredential {
4072
4079
  /**
4073
4080
  * Returns a callback that provides a bearer token.
4074
4081
  * For example, the bearer token can be used to authenticate a request as follows:
4075
- * ```js
4076
- * import { DefaultAzureCredential } from "@azure/identity";
4082
+ * ```ts snippet:token_provider_example
4083
+ * import { DefaultAzureCredential, getBearerTokenProvider } from "@azure/identity";
4084
+ * import { createPipelineRequest } from "@azure/core-rest-pipeline";
4077
4085
  *
4078
4086
  * const credential = new DefaultAzureCredential();
4079
4087
  * const scope = "https://cognitiveservices.azure.com/.default";
4080
4088
  * const getAccessToken = getBearerTokenProvider(credential, scope);
4081
4089
  * const token = await getAccessToken();
4082
- *
4083
4090
  * // usage
4084
4091
  * const request = createPipelineRequest({ url: "https://example.com" });
4085
4092
  * request.headers.set("Authorization", `Bearer ${token}`);