
@azure/identity


Provides credential implementations for Azure SDK libraries that can authenticate with Microsoft Entra ID

import type { AccessToken, GetTokenOptions, TokenCredential } from "@azure/core-auth";
import type { WorkloadIdentityCredentialOptions } from "./workloadIdentityCredentialOptions.js";
/**
 * Contains the list of all supported environment variable names so that an
 * appropriate error message can be generated when no credentials can be
 * configured.
 *
 * Only the type (`string[]`) is declared here; the variable names themselves
 * are not visible in this declaration file.
 *
 * @internal
 */
export declare const SupportedWorkloadEnvironmentVariables: string[];
/**
 * Workload Identity authentication is a feature in Azure that allows applications running on virtual machines (VMs)
 * to access other Azure resources without the need for a service principal or managed identity. With Workload Identity
 * authentication, applications authenticate themselves using their own identity, rather than using a shared service
 * principal or managed identity. Under the hood, Workload Identity authentication uses the concept of Service Account
 * Credentials (SACs), which are automatically created by Azure and stored securely in the VM. By using Workload
 * Identity authentication, you can avoid the need to manage and rotate service principals or managed identities for
 * each application on each VM. Additionally, because SACs are created automatically and managed by Azure, you don't
 * need to worry about storing and securing sensitive credentials themselves.
 *
 * The WorkloadIdentityCredential supports Microsoft Entra Workload ID authentication on Azure Kubernetes and acquires
 * a token using the SACs available in the Azure Kubernetes environment.
 * Refer to <a href="https://learn.microsoft.com/azure/aks/workload-identity-overview">Microsoft Entra
 * Workload ID</a> for more information.
 *
 * NOTE(review): the first paragraph is loose about the trust model; confirm the details against the linked
 * overview. As described there, the credential presented is a Kubernetes service account token projected into the
 * pod, and it is exchanged for a Microsoft Entra token through a federated identity credential configured on an
 * application registration or user-assigned managed identity. A Microsoft Entra identity and its role assignments
 * are therefore still required, and should be scoped to least privilege for the workload.
 *
 * NOTE(review): the private members declared below include a federated token file path and cached file content, so
 * the token file is presumably the secret this credential depends on. Treat read access to that file as equivalent
 * to the ability to authenticate as the workload's identity — verify against the implementation.
 */
export declare class WorkloadIdentityCredential implements TokenCredential {
    // Type is erased in this declaration output; presumably the client that performs the token request — TODO confirm.
    private client;
    // Presumably the most recently read contents of the federated token file — TODO confirm.
    private azureFederatedTokenFileContent;
    // Presumably when the cached file content was read, used to decide when to re-read it — TODO confirm.
    private cacheDate;
    // Presumably the location of the federated token file; how it is resolved is not visible here.
    private federatedTokenFilePath;
    /**
     * WorkloadIdentityCredential supports Microsoft Entra Workload ID on Kubernetes.
     *
     * @param options - The identity client options to use for authentication. Optional; the behavior when omitted
     * is not visible in this declaration file.
     */
    constructor(options?: WorkloadIdentityCredentialOptions);
    /**
     * Authenticates with Microsoft Entra ID and returns an access token if successful.
     * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.
     *
     * @param scopes - The list of scopes for which the token will have access.
     * @param options - The options used to configure any requests this
     *                TokenCredential implementation might make.
     * @returns A promise that resolves to the acquired access token.
     */
    getToken(scopes: string | string[], options?: GetTokenOptions): Promise<AccessToken>;
    // Signature is erased in this declaration output; presumably reads the federated token file — TODO confirm.
    private readFileContents;
}
//# sourceMappingURL=workloadIdentityCredential.d.ts.map