Feature | Provide the same Managed Identity support as Azure.Identity

[MarcWils]

#616 introduced support for Managed Identities.

This may work for the most common scenarios. However, both Azure.Identity and Microsoft.Azure.Services.AppAuthentication have implementations which also support Service Fabric.

Using the SqlAuthenticationProvider from Microsoft.Azure.Services.AppAuthentication works in a Service Fabric application. The one from Microsoft.Data.SqlClient doesn't.

This may also be related to #771. However, the discussion there seems to mainly focussing on caching the access token.

It seems a choice has to be made between extending the built-in support in Microsoft.Data.SqlClient or providing seamless integration with Azure.Identity.

[cheenamalhotra]

Hi @MarcWils

Yes, we will be working on that soon, now that we've bumped up minimum .NET Framework version supported to be v4.6.1.
From #771 discussions, access Token caching changes are currently not finalized, so that's out of scope from that issue.

We will be replacing calls for token acquisition to use Azure.Identity instead and the same way for Managed Identity authentication.

[ericsampson]

Thanks @cheenamalhotra.

What does "(access_token caching) is out of scope" mean? I'm hoping that is going to be part of this implementation. Thanks!!

[cheenamalhotra]

Hi @ericsampson

There are 2 access token topics in that thread:

1. Integrate with Azure.Identity #771 (comment) (SqlConnection.AccessToken property - not relevant to Azure.Identity support and is in internal discussions for any potential improvements - I meant this before :))
2. Integrate with Azure.Identity #771 (comment) (Relates to caching tokens internally when acquiring from TokenCredential API, for which we will consider best options we have to implement/use caching, using Azure.Identity)

[ericsampson]

Thanks, there's a lot of moving pieces to keep track of in these conversations, especially since they're spread across a bunch of issues :)