Update credential chains doc for Azure Identity v1.15.0 release

Author: scottaddie

docs/azure/sdk/authentication/credential-chains.md

@@ -2,7 +2,7 @@
 title: 'Credential chains in the Azure Identity library for .NET'
 description: 'This article describes the DefaultAzureCredential and ChainedTokenCredential classes in the Azure Identity library.'
 ms.topic: concept-article
-ms.date: 05/30/2025
+ms.date: 08/13/2025
 ---
 
 # Credential chains in the Azure Identity library for .NET
@@ -37,7 +37,7 @@ There are two disparate philosophies to credential chaining:
 
 [DefaultAzureCredential](/dotnet/api/azure.identity.defaultazurecredential?view=azure-dotnet&preserve-view=true) is an opinionated, preconfigured chain of credentials. It's designed to support many environments, along with the most common authentication flows and developer tools. In graphical form, the underlying chain looks like this:
 
-:::image type="content" source="../media/mermaidjs/DefaultAzureCredentialAuthFlow.svg" alt-text="DefaultAzureCredential auth flowchart":::
+:::image type="content" source="../media/mermaidjs/DefaultAzureCredentialAuthFlow-inline.svg" alt-text="Diagram that shows DefaultAzureCredential authentication flow." lightbox="../media/mermaidjs/DefaultAzureCredentialAuthFlow-expanded.png":::
 
 The order in which `DefaultAzureCredential` attempts credentials follows.
 
@@ -47,19 +47,24 @@ The order in which `DefaultAzureCredential` attempts credentials follows.
 | 2     | [Workload Identity][wi-cred]   |If the app is deployed to an Azure host with Workload Identity enabled, authenticate that account.             | Yes                 |
 | 3     | [Managed Identity][mi-cred]    |If the app is deployed to an Azure host with Managed Identity enabled, authenticate the app to Azure using that Managed Identity.             | Yes                 |
 | 4     | [Visual Studio][vs-cred]       |If the developer authenticated to Azure by logging into Visual Studio, authenticate the app to Azure using that same account.             | Yes                 |
-| 5     | [Azure CLI][az-cred]           |If the developer authenticated to Azure using Azure CLI's `az login` command, authenticate the app to Azure using that same account.             | Yes                 |
-| 6     | [Azure PowerShell][pwsh-cred]    |If the developer authenticated to Azure using Azure PowerShell's `Connect-AzAccount` cmdlet, authenticate the app to Azure using that same account.             | Yes                 |
-| 7     | [Azure Developer CLI][azd-cred] |If the developer authenticated to Azure using Azure Developer CLI's `azd auth login` command, authenticate with that account.             | Yes                 |
-| 8     | [Interactive browser][int-cred]         |If enabled, interactively authenticate the developer via the current system's default browser.             | No                  |
+| 5     | [Visual Studio Code][vsc-cred] |If the developer authenticated via Visual Studio Code's [Azure Resources extension][vsc-ext] and the [Azure.Identity.Broker package][broker-pkg] is installed, authenticate that account.             | Yes |
+| 6     | [Azure CLI][az-cred]           |If the developer authenticated to Azure using Azure CLI's `az login` command, authenticate the app to Azure using that same account.             | Yes                 |
+| 7     | [Azure PowerShell][pwsh-cred]    |If the developer authenticated to Azure using Azure PowerShell's `Connect-AzAccount` cmdlet, authenticate the app to Azure using that same account.             | Yes                 |
+| 8     | [Azure Developer CLI][azd-cred] |If the developer authenticated to Azure using Azure Developer CLI's `azd auth login` command, authenticate with that account.             | Yes                 |
+| 9     | [Interactive browser][int-cred]         |If enabled, interactively authenticate the developer via the current system's default browser.             | No                  |
+| 10    | [Broker][int-cred] |Authenticates using the default account logged into the OS via a broker. Requires that the [Azure.Identity.Broker package][broker-pkg] is installed, since an instance of `InteractiveBrowserBrokerCredential` is used. | Yes |
 
 [env-cred]: /dotnet/api/azure.identity.environmentcredential?view=azure-dotnet&preserve-view=true
 [wi-cred]: /dotnet/api/azure.identity.workloadidentitycredential?view=azure-dotnet&preserve-view=true
 [mi-cred]: /dotnet/api/azure.identity.managedidentitycredential?view=azure-dotnet&preserve-view=true
 [vs-cred]: /dotnet/api/azure.identity.visualstudiocredential?view=azure-dotnet&preserve-view=true
+[vsc-cred]: /dotnet/api/azure.identity.visualstudiocodecredential?view=azure-dotnet&preserve-view=true
 [az-cred]: /dotnet/api/azure.identity.azureclicredential?view=azure-dotnet&preserve-view=true
 [pwsh-cred]: /dotnet/api/azure.identity.azurepowershellcredential?view=azure-dotnet&preserve-view=true
 [azd-cred]: /dotnet/api/azure.identity.azuredeveloperclicredential?view=azure-dotnet&preserve-view=true
 [int-cred]: /dotnet/api/azure.identity.interactivebrowsercredential?view=azure-dotnet&preserve-view=true
+[vsc-ext]: https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-azureresourcegroups
+[broker-pkg]: https://www.nuget.org/packages/Azure.Identity.Broker
 
 In its simplest form, you can use the parameterless version of `DefaultAzureCredential` as follows:
 

docs/azure/sdk/media/mermaidjs/DefaultAzureCredentialAuthFlow-expanded.png

@@ -1,14 +1,16 @@
 ---
 ms.topic: include
-ms.date: 08/07/2024
+ms.date: 08/13/2025
 ---
 
 ```mermaid
 %% STEPS TO GENERATE IMAGE
 %% =======================
 %% 1. Install mermaid CLI v10.9.1 (see https://github.com/mermaid-js/mermaid-cli/blob/master/README.md):
 %%    npm i -g @mermaid-js/[email protected]
-%% 2. Run command: mmdc -i DefaultAzureCredentialAuthFlow.md -o ../../media/mermaidjs/DefaultAzureCredentialAuthFlow.svg
+%% 2. Run commands:
+%%    mmdc -i DefaultAzureCredentialAuthFlow.md -o ../../media/mermaidjs/DefaultAzureCredentialAuthFlow-inline.svg
+%%    mmdc -i DefaultAzureCredentialAuthFlow.md -o ../../media/mermaidjs/DefaultAzureCredentialAuthFlow-expanded.png -w 1156
 
 %%{
   init: {
@@ -31,7 +33,16 @@ flowchart LR;
 
     subgraph CREDENTIALS;
         direction LR;
-        A(Environment):::deployed --> B(Workload Identity):::deployed --> C(Managed Identity):::deployed --> D(Visual Studio):::developer --> E(Azure CLI):::developer --> F(Azure PowerShell):::developer --> G(Azure Developer CLI):::developer --> H(Interactive browser):::interactive;
+        A(Environment):::deployed -->
+        B(Workload Identity):::deployed -->
+        C(Managed Identity):::deployed -->
+        D(Visual Studio):::developer -->
+        E(Visual Studio Code):::developer -->
+        F(Azure CLI):::developer -->
+        G(Azure PowerShell):::developer -->
+        H(Azure Developer CLI):::developer -->
+        I(Interactive browser):::interactive -->
+        J(Broker):::developer;
     end;
 
     %% Define styles for credential type boxes
@@ -44,8 +55,10 @@ flowchart LR;
     click B "https://learn.microsoft.com/dotnet/api/azure.identity.workloadidentitycredential?view=azure-dotnet" _blank;
     click C "https://learn.microsoft.com/dotnet/api/azure.identity.managedidentitycredential?view=azure-dotnet" _blank;
     click D "https://learn.microsoft.com/dotnet/api/azure.identity.visualstudiocredential?view=azure-dotnet" _blank;
-    click E "https://learn.microsoft.com/dotnet/api/azure.identity.azureclicredential?view=azure-dotnet" _blank;
-    click F "https://learn.microsoft.com/dotnet/api/azure.identity.azurepowershellcredential?view=azure-dotnet" _blank;
-    click G "https://learn.microsoft.com/dotnet/api/azure.identity.azuredeveloperclicredential?view=azure-dotnet" _blank
-    click H "https://learn.microsoft.com/dotnet/api/azure.identity.interactivebrowsercredential?view=azure-dotnet" _blank;
+    click E "https://learn.microsoft.com/dotnet/api/azure.identity.visualstudiocodecredential?view=azure-dotnet" _blank;
+    click F "https://learn.microsoft.com/dotnet/api/azure.identity.azureclicredential?view=azure-dotnet" _blank;
+    click G "https://learn.microsoft.com/dotnet/api/azure.identity.azurepowershellcredential?view=azure-dotnet" _blank;
+    click H "https://learn.microsoft.com/dotnet/api/azure.identity.azuredeveloperclicredential?view=azure-dotnet" _blank
+    click I "https://learn.microsoft.com/dotnet/api/azure.identity.interactivebrowsercredential?view=azure-dotnet" _blank;
+    click J "https://learn.microsoft.com/dotnet/api/azure.identity.interactivebrowsercredential?view=azure-dotnet" _blank;
 ```

docs/azure/sdk/media/mermaidjs/DefaultAzureCredentialAuthFlow-inline.svg

@@ -1,6 +1,6 @@
 ---
 ms.topic: include
-ms.date: 05/30/2025
+ms.date: 08/13/2025
 ---
 
 ```mermaid
@@ -24,7 +24,11 @@ flowchart LR;
     accTitle: DefaultAzureCredential authentication flow without deployed service credentials;
     accDescr: Flowchart showing the credential chain implemented by DefaultAzureCredential when AZURE_TOKEN_CREDENTIALS is set to "dev";
 
-    D(Visual Studio):::developer --> E(Azure CLI):::developer --> F(Azure PowerShell):::developer --> G(Azure Developer CLI):::developer;
+    D(Visual Studio):::developer -->
+    E(Visual Studio Code):::developer -->
+    F(Azure CLI):::developer -->
+    G(Azure PowerShell):::developer -->
+    H(Azure Developer CLI):::developer;
 
     %% Define styles for credential type boxes
     classDef developer fill:#F5AF6F, stroke:#EB7C39, stroke-width:2px;

docs/azure/sdk/media/mermaidjs/DefaultAzureCredentialAuthFlow.md

@@ -1,6 +1,6 @@
 ---
 ms.topic: include
-ms.date: 08/07/2024
+ms.date: 08/13/2025
 ---
 
 ```mermaid
@@ -21,7 +21,12 @@ ms.date: 08/07/2024
 }%%
 
 flowchart LR;
-    D(Visual Studio):::developer --> E(Azure CLI):::developer --> F(Azure PowerShell):::developer --> G(Azure Developer CLI):::developer;
+    D(Visual Studio):::developer -->
+    E(Visual Studio Code):::developer -->
+    F(Azure CLI):::developer -->
+    G(Azure PowerShell):::developer -->
+    H(Azure Developer CLI):::developer -->
+    I(Broker):::developer;
 
     %% Define styles for credential type boxes
     classDef developer fill:#F5AF6F, stroke:#EB7C39, stroke-width:2px;

docs/azure/sdk/media/mermaidjs/DefaultAzureCredentialAuthFlow.svg

@@ -8,12 +8,12 @@
     <PackageVersion Include="Microsoft.Extensions.AI" Version="9.3.0-preview.1.25114.11" />
     <PackageVersion Include="Microsoft.Extensions.AI.OpenAI" Version="9.3.0-preview.1.25114.11" />
     <PackageVersion Include="Microsoft.Extensions.Azure" Version="1.12.0" />
-    <PackageVersion Include="Azure.Identity" Version="1.14.2" />
+    <PackageVersion Include="Azure.Identity" Version="1.15.0" />
     <PackageVersion Include="Azure.Identity.Broker" Version="1.2.1" />
     <PackageVersion Include="Azure.Security.KeyVault.Secrets" Version="4.8.0" />
     <PackageVersion Include="Azure.Storage.Blobs" Version="12.25.0" />
     <!-- ASP.NET Core packages -->
     <PackageVersion Include="Microsoft.AspNetCore.OpenApi" Version="8.0.8" />
     <PackageVersion Include="Swashbuckle.AspNetCore" Version="6.7.3" />
   </ItemGroup>
-</Project>
+</Project>