CredentialDescription.ManagedIdentityClientId Property

Reference

Definition

Namespace:: Microsoft.Identity.Abstractions

Assembly:: Microsoft.Identity.Abstractions.dll

Package:: Microsoft.Identity.Abstractions v7.2.0

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

When SourceType is SignedAssertionFromManagedIdentity, it specifies the client ID of the Azure user-assigned managed identity used to provide a signed assertion to act as a client credential for the application. This requires that the application is deployed on Azure, that the managed identity is configured, and that workload identity federation with the managed identity is declared in the application registration. For details, see https://learn.microsoft.com/azure/active-directory/workload-identities/workload-identity-federation.

public string? ManagedIdentityClientId { get; set; }

member this.ManagedIdentityClientId : string with get, set

Public Property ManagedIdentityClientId As String

Property Value

String

Examples

The JSON fragment below describes a workload identity federation with a user assigned managed identity:

{
    "ClientCredentials": [
    {
        "SourceType": "SignedAssertionFromManagedIdentity",
        "ManagedIdentityClientId": "12345"
    }]
}

The code below describes programmatically in C#, the same workload identity federation with a user assigned managed identity.

CredentialDescription credentialDescription = new CredentialDescription
{
    SourceType = CredentialSource.SignedAssertionFromManagedIdentity,
    ManagedIdentityClientId = "12345" // optional
};

Remarks

If you want to use the system-assigned managed identity, just use SourceType = SignedAssertionFromManagedIdentity and don't provide a managed identity client ID.

Applies to

Compartir a través de