[Identity] Rename BrokerAuthenticationCredential as BrokerCredential (Azure#51612)

* rename symbols and methods

* Update Changelog and Troubleshooting

* Update sdk/identity/Azure.Identity/TROUBLESHOOTING.md

Co-authored-by: Copilot <[email protected]>

* Switch Azure.Identity reference to project reference

Replaces the Azure.Identity package reference with a project reference to Azure.Identity.csproj. This is a temporary change until the package is available with the new BrokerCredential name.

---------

Co-authored-by: Copilot <[email protected]>

Author: JonathanCrd

sdk/identity/Azure.Identity.Broker/src/Azure.Identity.Broker.csproj

@@ -13,7 +13,9 @@
     <AllowUnsafeBlocks>true</AllowUnsafeBlocks>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Azure.Identity" VersionOverride="1.15.0-beta.1" />
+    <!--Change this back to a package reference when the package is available with the new BrokerCredential name.-->
+    <!--<PackageReference Include="Azure.Identity" VersionOverride="1.15.0-beta.1" />-->
+    <ProjectReference Include="..\..\Azure.Identity\src\Azure.Identity.csproj"/>
     <PackageReference Include="Microsoft.Identity.Client.Broker" />
   </ItemGroup>
 </Project>

sdk/identity/Azure.Identity.Broker/tests/DefaultAzureCredentialFactoryTests.cs

@@ -25,7 +25,7 @@ public static IEnumerable<object[]> CredSelection()
             yield return new object[] { Constants.WorkloadIdentityCredential };
             yield return new object[] { Constants.ManagedIdentityCredential };
             yield return new object[] { Constants.InteractiveBrowserCredential };
-            yield return new object[] { Constants.BrokerAuthenticationCredential };
+            yield return new object[] { Constants.BrokerCredential };
         }
 
 #pragma warning disable CS0618 // Type or member is obsolete
@@ -97,7 +97,7 @@ public void ValidateDefaultAzureCredentialAZURE_TOKEN_CREDENTIALS_Honored_WithBr
                 {
                     Assert.IsTrue(chain.Single(cred => cred is InteractiveBrowserCredential) is InteractiveBrowserCredential);
                 }
-                else if (credSelection == Constants.BrokerAuthenticationCredential)
+                else if (credSelection == Constants.BrokerCredential)
                 {
                     Assert.IsTrue(chain.Single(cred => cred is InteractiveBrowserCredential) is InteractiveBrowserCredential);
                 }

sdk/identity/Azure.Identity.Broker/tests/DevelopmentBrokerOptionsTests.cs

@@ -21,7 +21,7 @@ public void TryCreateDevelopmentBrokerOptionsFromCredentialFactory()
         {
             var factory = new DefaultAzureCredentialFactory(new DefaultAzureCredentialOptions());
             DefaultAzureCredentialFactory.TryCreateDevelopmentBrokerOptions(out var options);
-            var cred = factory.CreateBrokerAuthenticationCredential(options);
+            var cred = factory.CreateBrokerCredential(options);
             try
             {
                 cred.GetToken(new TokenRequestContext(new[] { "https://management.azure.com/.default" }), default);

sdk/identity/Azure.Identity/CHANGELOG.md

@@ -20,6 +20,7 @@
 - Tenant ID comparisons in credential options are now case-insensitive. This affects `AdditionallyAllowedTenants` values which will now be matched against tenant IDs without case sensitivity, making the authentication more resilient to case differences in tenant IDs returned from WWW-Authenticate challenges ([#51693](https://github.com/Azure/azure-sdk-for-net/issues/51693)).
 
 ### Other Changes
+- `BrokerAuthenticationCredential` has been renamed as `BrokerCredential`.
 
 - Added the `EditorBrowsable(Never)` attribute to property `VisualStudioCodeTenantId` as `TenantId` is preferred. The `VisualStudioCodeTenantId` property exists only to provide backwards compatibility.
 

sdk/identity/Azure.Identity/TROUBLESHOOTING.md

@@ -125,7 +125,7 @@ DefaultAzureCredentialOptions options = new
 |---|---|---|
 |`CredentialUnavailableException` raised with message. "DefaultAzureCredential failed to retrieve a token from the included credentials."|All credentials in the `DefaultAzureCredential` chain failed to retrieve a token, each throwing a `CredentialUnavailableException`.|<ul><li>[Enable logging](#enable-and-configure-logging) to verify the credentials being tried, and get further diagnostic information.</li><li>Consult the troubleshooting guide for underlying credential types for more information.</li><ul><li>[EnvironmentCredential](#troubleshoot-environmentcredential-authentication-issues)</li><li>[WorkloadIdentityCredential](#troubleshoot-workloadidentitycredential-authentication-issues)</li><li>[ManagedIdentityCredential](#troubleshoot-managedidentitycredential-authentication-issues)</li><li>[VisualStudioCredential](#troubleshoot-visualstudiocredential-authentication-issues)</li><li>[AzureCliCredential](#troubleshoot-azureclicredential-authentication-issues)</li><li>[AzurePowerShellCredential](#troubleshoot-azurepowershellcredential-authentication-issues)</li></ul>|
 |`RequestFailedException` raised from the client with a status code of 401 or 403|Authentication succeeded but the authorizing Azure service responded with a 401 (Authenticate) or 403 (Forbidden) status code. This error can often be caused by the `DefaultAzureCredential` authenticating an account other than the intended or that the intended account doesn't have the correct permissions or roles assigned.|<ul><li>[Enable logging](#enable-and-configure-logging) to determine which credential in the chain returned the authenticating token.</li><li>In the case a credential other than the expected is returning a token, bypass this by either signing out of the corresponding development tool, or excluding the credential with the ExcludeXXXCredential property in the `DefaultAzureCredentialOptions`</li><li>Ensure that the correct role is assigned to the account being used. For example, a service specific role rather than the subscription Owner role.</li></ul>|
-|`InvalidOperationException` raised with message: "Invalid value for environment variable AZURE_TOKEN_CREDENTIALS ..." | An invalid value was set for the AZURE_TOKEN_CREDENTIALS environment variable | Set the environment variable to one of the following values: dev, prod, `VisualStudioCredential`, `VisualStudioCodeCredential`, `AzureCliCredential`, `AzurePowerShellCredential`, `AzureDeveloperCliCredential`, `EnvironmentCredential`, `WorkloadIdentityCredential`, `ManagedIdentityCredential`, `InteractiveBrowserCredential`, or `BrokerAuthenticationCredential`. **Note:** `BrokerAuthenticationCredential` require that the project include a reference to package Azure.Identity.Broker. |
+|`InvalidOperationException` raised with message: "Invalid value for environment variable AZURE_TOKEN_CREDENTIALS ..." | An invalid value was set for the AZURE_TOKEN_CREDENTIALS environment variable | Set the environment variable to one of the following values: dev, prod, `VisualStudioCredential`, `VisualStudioCodeCredential`, `AzureCliCredential`, `AzurePowerShellCredential`, `AzureDeveloperCliCredential`, `EnvironmentCredential`, `WorkloadIdentityCredential`, `ManagedIdentityCredential`, `InteractiveBrowserCredential`, or `BrokerCredential`. **Note:** `BrokerCredential` require that the project include a reference to package Azure.Identity.Broker. |
 
 ## Troubleshoot `EnvironmentCredential` authentication issues
 

sdk/identity/Azure.Identity/src/Constants.cs

@@ -52,7 +52,7 @@ internal class Constants
         public const string WorkloadIdentityCredential = "workloadidentitycredential";
         public const string ManagedIdentityCredential = "managedidentitycredential";
         public const string InteractiveBrowserCredential = "interactivebrowsercredential";
-        public const string BrokerAuthenticationCredential = "brokerauthenticationcredential";
+        public const string BrokerCredential = "brokercredential";
         public const string MacBrokerRedirectUri = "msauth.com.msauth.unsignedapp://auth";
     }
 }

sdk/identity/Azure.Identity/src/DefaultAzureCredentialFactory.cs

@@ -58,7 +58,7 @@ public TokenCredential[] CreateCredentialChain()
                 }
                 else if (credentialSelection != null)
                 {
-                    string validCredentials = $"'{Constants.DevCredentials}', '{Constants.ProdCredentials}', '{Constants.VisualStudioCredential}', '{Constants.VisualStudioCodeCredential}', '{Constants.AzureCliCredential}', '{Constants.AzurePowerShellCredential}', '{Constants.AzureDeveloperCliCredential}', '{Constants.EnvironmentCredential}', '{Constants.WorkloadIdentityCredential}', '{Constants.ManagedIdentityCredential}', '{Constants.InteractiveBrowserCredential}', '{Constants.BrokerAuthenticationCredential}'";
+                    string validCredentials = $"'{Constants.DevCredentials}', '{Constants.ProdCredentials}', '{Constants.VisualStudioCredential}', '{Constants.VisualStudioCodeCredential}', '{Constants.AzureCliCredential}', '{Constants.AzurePowerShellCredential}', '{Constants.AzureDeveloperCliCredential}', '{Constants.EnvironmentCredential}', '{Constants.WorkloadIdentityCredential}', '{Constants.ManagedIdentityCredential}', '{Constants.InteractiveBrowserCredential}', '{Constants.BrokerCredential}'";
                     return credentialSelection switch
                     {
                         Constants.VisualStudioCredential => [CreateVisualStudioCredential()],
@@ -70,10 +70,10 @@ public TokenCredential[] CreateCredentialChain()
                         Constants.WorkloadIdentityCredential => [CreateWorkloadIdentityCredential()],
                         Constants.ManagedIdentityCredential => [CreateManagedIdentityCredential()],
                         Constants.InteractiveBrowserCredential => [CreateInteractiveBrowserCredential()],
-                        Constants.BrokerAuthenticationCredential =>
+                        Constants.BrokerCredential =>
                             TryCreateDevelopmentBrokerOptions(out InteractiveBrowserCredentialOptions brokerOptions)
-                                ? [CreateBrokerAuthenticationCredential(brokerOptions)]
-                                : throw new CredentialUnavailableException("BrokerAuthenticationCredential is not available without a reference to Azure.Identity.Broker."),
+                                ? [CreateBrokerCredential(brokerOptions)]
+                                : throw new CredentialUnavailableException("BrokerCredential is not available without a reference to Azure.Identity.Broker."),
                         _ => throw new InvalidOperationException($"Invalid value for environment variable AZURE_TOKEN_CREDENTIALS: {credentialSelection}. Valid values are {validCredentials}. See https://aka.ms/azsdk/net/identity/defaultazurecredential/troubleshoot for more information.")
                     };
                 }
@@ -140,7 +140,7 @@ public TokenCredential[] CreateCredentialChain()
                 }
                 if (!Options.ExcludeBrokerCredential && TryCreateDevelopmentBrokerOptions(out InteractiveBrowserCredentialOptions brokerOptions))
                 {
-                    chain.Add(CreateBrokerAuthenticationCredential(brokerOptions));
+                    chain.Add(CreateBrokerCredential(brokerOptions));
                 }
             }
             if (chain.Count == 0)
@@ -238,7 +238,7 @@ public virtual TokenCredential CreateInteractiveBrowserCredential()
                 Pipeline);
         }
 
-        public TokenCredential CreateBrokerAuthenticationCredential(InteractiveBrowserCredentialOptions brokerOptions)
+        public TokenCredential CreateBrokerCredential(InteractiveBrowserCredentialOptions brokerOptions)
         {
             var options = Options.Clone<DevelopmentBrokerOptions>();
             ((IMsalSettablePublicClientInitializerOptions)options).BeforeBuildClient = ((IMsalSettablePublicClientInitializerOptions)brokerOptions).BeforeBuildClient;

sdk/identity/Azure.Identity/tests/DefaultAzureCredentialFactoryTests.cs

@@ -427,7 +427,7 @@ public static IEnumerable<object[]> CredSelection()
             yield return new object[] { Constants.WorkloadIdentityCredential };
             yield return new object[] { Constants.ManagedIdentityCredential };
             yield return new object[] { Constants.InteractiveBrowserCredential };
-            yield return new object[] { Constants.BrokerAuthenticationCredential };
+            yield return new object[] { Constants.BrokerCredential };
             yield return new object[] { null };
         }
 
@@ -444,11 +444,11 @@ public void ValidateDefaultAzureCredentialAZURE_TOKEN_CREDENTIALS_Honored(string
             }))
             {
                 var factory = new DefaultAzureCredentialFactory(null);
-                if (credSelection == Constants.BrokerAuthenticationCredential)
+                if (credSelection == Constants.BrokerCredential)
                 {
-                    // BrokerAuthenticationCredential is not supported without the Azure.Identity.Broker package.
+                    // BrokerCredential is not supported without the Azure.Identity.Broker package.
                     var ex = Assert.Throws<CredentialUnavailableException>(() => factory.CreateCredentialChain());
-                    Assert.AreEqual("BrokerAuthenticationCredential is not available without a reference to Azure.Identity.Broker.", ex.Message);
+                    Assert.AreEqual("BrokerCredential is not available without a reference to Azure.Identity.Broker.", ex.Message);
                     return;
                 }
                 var chain = factory.CreateCredentialChain();