You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-cache-for-redis/cache-azure-active-directory-for-authentication.md
+14-3Lines changed: 14 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -57,12 +57,20 @@ To use the ACL integration, your client application must assume the identity of
57
57
58
58
For information on using Microsoft Entra ID with Azure CLI, see the [references pages for identity](/cli/azure/redis/identity).
59
59
60
-
## Disable access keys based authentication on your cache
60
+
## Disable access key authentication on your cache
61
61
62
-
Using Microsoft Entra ID is the secure way to authenticate your cache. We recommend using Microsoft Entra ID and disabling access keys. If you have a cache where access keys are used, and you want to disable access keys, follow this procedure.
62
+
Using Microsoft Entra ID is the secure way to connect your cache. We recommend using Microsoft Entra ID and disabling access keys.
63
63
64
64
When disable access key Authentication for a cache, all existing client connections are terminated on the server side by Redis Launch, whether they use access keys or Microsoft Entra ID auth-based. You are advised to follow the recommended Redis client best practices to implement proper retry mechanisms for reconnecting MS Entra-based connections, if any.
65
65
66
+
Before you disable access keys:
67
+
68
+
- Before disabling access keys, Microsoft Entra ID authorizaton must be enabled.
69
+
- Disabling Access keys is only available for Basic, Standard and Premium tier caches.
70
+
- For geo-replicated caches, before you disable accces keys, you must: 1) unlink the caches, 2) disable access keys, and finally, 3) re-link the caches.
71
+
72
+
If you have a cache where access keys are used, and you want to disable access keys, follow this procedure.
73
+
66
74
1. In the Azure portal, select the Azure Cache for Redis instance where you'd like to disable access keys.
67
75
68
76
1. Select **Authentication** from the Resource menu.
@@ -75,7 +83,10 @@ When disable access key Authentication for a cache, all existing client connecti
75
83
76
84
1. You are asked to confirm that you want to update your configuration. Select **Yes**.
77
85
78
-
When the "Disable Access Key Authentication" setting is updated for a cache, all existing client connections, regardless of whether they connect using access key or Microsoft Entra IDauth-based, are terminated on the server side by Redis Launch. Customers are advised to follow the recommended Redis client best practices to implement proper retry mechanisms for reconnecting MS Entra-based connections, if any.
86
+
> [!IMPORTANT]
87
+
> When the **Disable Access Key Authentication**" setting is changed for a cache, all existing client connections, using access keys or Microsoft Entra ID, are terminated on the server side by Redis Launch. You should follow the recommended best practices to implement proper retry mechanisms for reconnecting MS Entra-based connections, if any. For more information, see [Connection resilience](cache-best-practices-connection.md).
88
+
89
+
<!-- are we sure we want to call out Redis Launch here? Readers might not know what it is. Does it matter that it is Redis Launch -->
79
90
80
91
## Using data access configuration with your cache
0 commit comments