Skip to content

Commit 5b4b220

Browse files
dlevy-msft-sqldlevy-msft-sql
authored
Update sqlcmd-authentication.md
Update to include example for service principal auth
1 parent 01b1802 commit 5b4b220

File tree

1 file changed

+7
-3
lines changed

1 file changed

+7
-3
lines changed

docs/tools/sqlcmd/sqlcmd-authentication.md

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -68,18 +68,22 @@ Use this method when running **sqlcmd** (Go) on an Azure VM that has either a sy
6868
This example shows how to connect using a Service Assigned Managed Identity (SAMI):
6969

7070
```console
71-
-S testsrv.database.windows.net -d Target_DB_or_DW --authentication-method ActiveDirectoryManagedIdentity
71+
sqlcmd -S testsrv.database.windows.net -d Target_DB_or_DW --authentication-method ActiveDirectoryManagedIdentity
7272
```
7373

7474
This example shows how to connect with a User Assigned Managed Identity (UAMI) by adding the Client Id of the user assigned managed identity:
7575

7676
```console
77-
-S testsrv.database.windows.net -d Target_DB_or_DW --authentication-method ActiveDirectoryManagedIdentity -U <user-assigned-managed-identity-client-id>
77+
sqlcmd -S testsrv.database.windows.net -d Target_DB_or_DW --authentication-method ActiveDirectoryManagedIdentity -U <user-assigned-managed-identity-client-id>
7878
```
7979

8080
#### ActiveDirectoryServicePrincipal
8181

82-
This method authenticates the provided user name as a service principal ID and the password as the client secret for the service principal. Provide a user name in the form `<service principal id>@<tenant id>`. Set `SQLCMDPASSWORD` variable to the client secret. If using a certificate instead of a client secret, set `AZURE_CLIENT_CERTIFICATE_PATH` environment variable to the path of the certificate file.
82+
This method authenticates the provided user name as a service principal ID and the password as the client secret for the service principal. Provide a user name in the form `<application (client) ID>`. Set `SQLCMDPASSWORD` variable to the client secret. If using a certificate instead of a client secret, set `AZURE_CLIENT_CERTIFICATE_PATH` environment variable to the path of the certificate file.
83+
84+
```console
85+
sqlcmd -S testsrv.database.windows.net -d Target_DB_or_DW --authentication-method ActiveDirectoryServicePrincipal -U <Application (client) ID> -P <client secret>
86+
```
8387

8488
### Environment variables for Microsoft Entra authentication
8589

0 commit comments

Comments
 (0)