az identity federated-credential
Manage federated identity credentials under user assigned identities.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az identity federated-credential create |
Create a federated identity credential under an existing user assigned identity. |
Core | GA |
| az identity federated-credential delete |
Delete a federated identity credential under an existing user assigned identity. |
Core | GA |
| az identity federated-credential list |
List all federated identity credentials under an existing user assigned identity. |
Core | GA |
| az identity federated-credential show |
Show a federated identity credential under an existing user assigned identity. |
Core | GA |
| az identity federated-credential update |
Update a federated identity credential under an existing user assigned identity. |
Core | GA |
az identity federated-credential create
Create a federated identity credential under an existing user assigned identity.
az identity federated-credential create --identity-name
--name
--resource-group
[--audiences]
[--issuer]
[--subject]Examples
Create a federated identity credential under a specific user assigned identity.
az identity federated-credential create --name myFicName --identity-name myIdentityName --resource-group myResourceGroup --issuer myIssuer --subject mySubject --audiences myAudiencesRequired Parameters
The name of the identity resource.
The name of the federated identity credential resource.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The aud value in the token sent to Azure for getting the user-assigned managed identity token. The value configured in the federated credential and the one in the incoming token must exactly match for Azure to issue the access token.
The openId connect metadata URL of the issuer of the identity provider that Azure AD would use in the token exchange protocol for validating tokens before issuing a token as the user-assigned managed identity.
The sub value in the token sent to Azure AD for getting the user-assigned managed identity token. The value configured in the federated credential and the one in the incoming token must exactly match for Azure AD to issue the access token.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az identity federated-credential delete
Delete a federated identity credential under an existing user assigned identity.
az identity federated-credential delete --identity-name
--name
--resource-group
[--yes]Examples
Delete a federated identity credential under a specific user assigned identity.
az identity federated-credential delete --name myFicName --identity-name myIdentityName --resource-group myResourceGroupRequired Parameters
The name of the identity resource.
The name of the federated identity credential resource.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az identity federated-credential list
List all federated identity credentials under an existing user assigned identity.
az identity federated-credential list --identity-name
--resource-groupExamples
List all federated identity credentials under an existing user assigned identity.
az identity federated-credential list --identity-name myIdentityName --resource-group myResourceGroupRequired Parameters
The name of the identity resource.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az identity federated-credential show
Show a federated identity credential under an existing user assigned identity.
az identity federated-credential show --identity-name
--name
--resource-groupExamples
Show a federated identity credential under a specific user assigned identity.
az identity federated-credential show --name myFicName --identity-name myIdentityName --resource-group myResourceGroupRequired Parameters
The name of the identity resource.
The name of the federated identity credential resource.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az identity federated-credential update
Update a federated identity credential under an existing user assigned identity.
az identity federated-credential update --identity-name
--name
--resource-group
[--audiences]
[--issuer]
[--subject]Examples
Update a federated identity credential under a specific user assigned identity.
az identity federated-credential update --name myFicName --identity-name myIdentityName --resource-group myResourceGroup --issuer myIssuer --subject mySubject --audiences myAudiencesRequired Parameters
The name of the identity resource.
The name of the federated identity credential resource.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The aud value in the token sent to Azure for getting the user-assigned managed identity token. The value configured in the federated credential and the one in the incoming token must exactly match for Azure to issue the access token.
The openId connect metadata URL of the issuer of the identity provider that Azure AD would use in the token exchange protocol for validating tokens before issuing a token as the user-assigned managed identity.
The sub value in the token sent to Azure AD for getting the user-assigned managed identity token. The value configured in the federated credential and the one in the incoming token must exactly match for Azure AD to issue the access token.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
