You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/develop/workload-identity-federation-considerations.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -52,7 +52,7 @@ Resources in these regions can still use federated identity credentials created
52
52
53
53
*Applies to: applications and user-assigned managed identities (public preview)*
54
54
55
-
Only issuers that provide tokens signed using the RS256 algorithm are supported for token exchange using workload identity federation. Exchanging tokens signed with other algorithms may work, but have not been tested.
55
+
Only issuers that provide tokens signed using the RS256 algorithm are supported for token exchange using workload identity federation. Exchanging tokens signed with other algorithms may work, but haven't been tested.
56
56
57
57
## Azure Active Directory issuers aren't supported
58
58
@@ -87,7 +87,7 @@ When you use automation or Azure Resource Manager templates (ARM templates) to c
87
87
88
88
If federated identity credentials are provisioned in a loop, you can [provision them serially](https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/copy-resources#serial-or-parallel) by setting *"mode": "serial"*.
89
89
90
-
You can also provision multiple new federated identity credential sequentially using the *dependsOn* property. The following Azure Resource Manager template (ARM template) example creates three new federated identity credentials sequentially on a user-assigned managed identity by using the *dependsOn* property:
90
+
You can also provision multiple new federated identity credentials sequentially using the *dependsOn* property. The following Azure Resource Manager template (ARM template) example creates three new federated identity credentials sequentially on a user-assigned managed identity by using the *dependsOn* property:
91
91
92
92
```json
93
93
{
@@ -162,7 +162,7 @@ You can also provision multiple new federated identity credential sequentially u
162
162
163
163
*Applies to: applications and user-assigned managed identities (public preview)*
164
164
165
-
It is possible to use a deny [Azure Policy](../../governance/policy/overview.md) as in the following ARM template example:
165
+
It's possible to use a deny [Azure Policy](../../governance/policy/overview.md) as in the following ARM template example:
166
166
167
167
```json
168
168
{
@@ -200,7 +200,7 @@ The following error codes may be returned when creating, updating, getting, list
| 405 | The request format was unexpected: Support for federated identity credentials not enabled. | Federated identity credentials aren't enabled in this region. Refer to “Currently Supported regions”. |
203
-
| 400 | Federated identity credentials must have exactly 1 audience.| Currently, federated identity credentials support a single audience “api://AzureADTokenExchange”.|
203
+
| 400 | Federated identity credentials must have exactly one audience.| Currently, federated identity credentials support a single audience “api://AzureADTokenExchange”.|
204
204
| 400 | Federated Identity Credential from HTTP body has empty properties | All federated identity credential properties are mandatory. |
205
205
| 400 | Federated Identity Credential name '{ficName}' is invalid. | Alphanumeric, dash, underscore, no more than 3-120 symbols. First symbol is alphanumeric. |
206
206
| 404 | The parent user-assigned identity doesn't exist. | Check user assigned identity name in federated identity credentials resource path. |
0 commit comments