Skip to content

[azidentity] Allow Identity Binding mode to be set via configuration options #25664

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
clnv wants to merge 8 commits into
base: main
Choose a base branch
from
Open

[azidentity] Allow Identity Binding mode to be set via configuration options #25664

clnv wants to merge 8 commits into from

Conversation

@clnv
Copy link

@clnv clnv commented Nov 24, 2025

fix #25663

  • The purpose of this PR is explained in this or a referenced issue.
  • The PR does not update generated files.
  • Tests are included and/or updated for code changes.
  • Updates to module CHANGELOG.md are included.
  • MIT license headers are included in each file.

Copilot AI review requested due to automatic review settings November 24, 2025 23:02
@github-actions github-actions bot added Azure.Identity Community Contribution Community members are working on the issue customer-reported Issues that are reported by GitHub users external to the Azure organization. labels Nov 24, 2025
@github-actions
Copy link

github-actions bot commented Nov 24, 2025

Thank you for your contribution @zarvd! We will review the pull request and get back to you soon.

Copilot finished reviewing on behalf of clnv November 24, 2025 23:04
@github-actions
Copy link

github-actions bot commented Nov 24, 2025
edited
Loading

API Change Check

APIView identified API level changes in this PR and created the following API reviews

sdk/azidentity

Copilot AI reviewed Nov 24, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request allows the Azure Identity Binding mode configuration to be set via explicit options rather than just environment variables. The PR adds:

  • A new GetFederatedToken function option to provide custom token retrieval logic
  • A new AzureProxy field in WorkloadIdentityCredentialOptions to configure proxy settings explicitly
  • Refactoring of internal configuration logic to separate environment variable reading from configuration application

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
sdk/azidentity/workload_identity.go Adds GetFederatedToken and AzureProxy options to allow programmatic configuration instead of only environment variables
sdk/azidentity/workload_identity_test.go Adds tests for the new override functionality for federated tokens and Azure proxy configuration
sdk/azidentity/internal/customtokenproxy/configuration.go New file extracting configuration logic into a reusable Options struct with an Apply function
sdk/azidentity/internal/customtokenproxy/configuration_test.go Comprehensive tests for the new configuration API
sdk/azidentity/internal/customtokenproxy/transport.go Removes configuration logic moved to configuration.go
sdk/azidentity/internal/customtokenproxy/transport_test.go Removes tests moved to configuration_test.go, adds minor whitespace cleanup
sdk/azidentity/go.work.sum Updated Go workspace dependencies

@clnv clnv mentioned this pull request Nov 27, 2025
Merged
enj
enj suggested changes Dec 1, 2025
View reviewed changes
Copy link
Member

@enj enj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

First pass.

@github-project-automation github-project-automation bot moved this from Untriaged to In Progress in Azure Identity SDK Improvements Dec 1, 2025
jhendrixMSFT
jhendrixMSFT requested changes Dec 1, 2025
View reviewed changes
@clnv clnv force-pushed the custom-proxy-options branch from 3ca05c4 to 06c9eb3 Compare December 2, 2025 00:49
clnv
clnv commented Dec 2, 2025
View reviewed changes
sdk/azidentity/workload_identity.go
// The proxy feature is designed for applications that deploy to many clusters and clusters that host many
// applications. See the Azure Kubernetes Service identity bindings documentation for more information on when
// to set this option: https://learn.microsoft.com/azure/aks/identity-bindings-concepts
EnableAzureProxy bool
Copy link
Author

@clnv clnv Dec 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@enj @chlowell do you think we should use EnableCustomTokenProxy instead?

@clnv
Copy link
Author

clnv commented Dec 2, 2025

@microsoft-github-policy-service agree company="Microsoft"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@jhendrixMSFT jhendrixMSFT jhendrixMSFT requested changes

@chlowell chlowell Awaiting requested review from chlowell chlowell is a code owner

@RickWinter RickWinter Awaiting requested review from RickWinter RickWinter is a code owner

@joshfree joshfree Awaiting requested review from joshfree joshfree is a code owner automatically assigned from Azure/azure-sdk-write-identity

@pvaneck pvaneck Awaiting requested review from pvaneck pvaneck is a code owner automatically assigned from Azure/azure-sdk-write-identity

@KarishmaGhiya KarishmaGhiya Awaiting requested review from KarishmaGhiya KarishmaGhiya is a code owner automatically assigned from Azure/azure-sdk-write-identity

@xiangyan99 xiangyan99 Awaiting requested review from xiangyan99 xiangyan99 is a code owner automatically assigned from Azure/azure-sdk-write-identity

@JonathanCrd JonathanCrd Awaiting requested review from JonathanCrd JonathanCrd is a code owner automatically assigned from Azure/azure-sdk-write-identity

@anannya03 anannya03 Awaiting requested review from anannya03 anannya03 is a code owner automatically assigned from Azure/azure-sdk-write-identity

+1 more reviewer

@enj enj enj requested changes

Reviewers whose approvals may not affect merge requirements

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

Azure.Identity Community Contribution Community members are working on the issue customer-reported Issues that are reported by GitHub users external to the Azure organization.

Projects

Azure Identity SDK Improvements
Status: In Progress

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[azidentity] Allow Identity Binding mode to be set via configuration options instead of env vars

3 participants

@clnv @enj @jhendrixMSFT