refactor(provider): Mark ClientID as deprecated, use correct one in examples.

README.md

@@ -61,8 +61,11 @@ func main() {
 
     // Create credentials provider
     provider, err := entraid.NewManagedIdentityCredentialsProvider(entraid.ManagedIdentityCredentialsProviderOptions{
-        CredentialsProviderOptions: entraid.CredentialsProviderOptions{
-            ClientID: clientID,
+        CredentialsProviderOptions: entraid.CredentialsProviderOptions{},
+        ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
+            UserAssignedObjectID: clientID,
+            ManagedIdentityType:  identity.UserAssignedObjectID,
+            Scopes:               []string{identity.RedisScopeDefault},
         },
     })
     if err != nil {
@@ -214,13 +217,11 @@ AZURE_CLIENT_SECRET=your-client-secret
 ### Available Configuration Options
 
 #### 1. CredentialsProviderOptions
-Base options for all credential providers:
+Base options for credential providers includes the options for the token manager:
 ```go
 type CredentialsProviderOptions struct {
-    // Required: Client ID for authentication
-    ClientID string
-
-    // Optional: Token manager configuration
+    // TokenManagerOptions is the options for the token manager.
+    // This is used to configure the token manager when requesting a token.
     TokenManagerOptions manager.TokenManagerOptions
 }
 ```
@@ -275,7 +276,7 @@ type RetryOptions struct {
 ```
 
 #### 4. ManagedIdentityProviderOptions
-Options for managed identity authentication:
+Options for managed identity provider (user assigned or system assigned identity):
 ```go
 type ManagedIdentityProviderOptions struct {
     // Required: Type of managed identity
@@ -291,7 +292,7 @@ type ManagedIdentityProviderOptions struct {
 ```
 
 #### 5. ConfidentialIdentityProviderOptions
-Options for confidential client authentication:
+Options for confidential identity provider (client secret or client sertificate):
 ```go
 type ConfidentialIdentityProviderOptions struct {
     // Required: Client ID for authentication
@@ -355,7 +356,6 @@ type DefaultAzureIdentityProviderOptions struct {
 #### Basic Configuration
 ```go
 options := entraid.CredentialsProviderOptions{
-    ClientID: os.Getenv("AZURE_CLIENT_ID"),
     TokenManagerOptions: manager.TokenManagerOptions{
         ExpirationRefreshRatio: 0.7,
         LowerRefreshBounds: 10000,
@@ -366,7 +366,6 @@ options := entraid.CredentialsProviderOptions{
 #### Advanced Configuration
 ```go
 options := entraid.CredentialsProviderOptions{
-    ClientID: os.Getenv("AZURE_CLIENT_ID"),
     TokenManagerOptions: manager.TokenManagerOptions{
         ExpirationRefreshRatio: 0.7,
         LowerRefreshBounds: 10000,
@@ -414,6 +413,7 @@ authority := identity.AuthorityConfiguration{
 ```go
 // Create provider for system assigned identity
 provider, err := entraid.NewManagedIdentityCredentialsProvider(entraid.ManagedIdentityCredentialsProviderOptions{
+    CredentialsProviderOptions: entraid.CredentialsProviderOptions{},
     ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
         ManagedIdentityType: identity.SystemAssignedIdentity,
         Scopes: []string{"https://redis.azure.com/.default"},
@@ -425,9 +425,7 @@ provider, err := entraid.NewManagedIdentityCredentialsProvider(entraid.ManagedId
 ```go
 // Create provider for user assigned identity
 provider, err := entraid.NewManagedIdentityCredentialsProvider(entraid.ManagedIdentityCredentialsProviderOptions{
-    CredentialsProviderOptions: entraid.CredentialsProviderOptions{
-        ClientID: os.Getenv("AZURE_CLIENT_ID"),
-    },
+    CredentialsProviderOptions: entraid.CredentialsProviderOptions{},
     ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
         ManagedIdentityType: identity.UserAssignedObjectID,
         UserAssignedObjectID: os.Getenv("AZURE_USER_ASSIGNED_MANAGED_ID"),
@@ -617,8 +615,11 @@ This approach gives you the flexibility of custom authentication while benefitin
 func TestManagedIdentityProvider(t *testing.T) {
     // Create test provider
     provider, err := entraid.NewManagedIdentityCredentialsProvider(entraid.ManagedIdentityCredentialsProviderOptions{
-        CredentialsProviderOptions: entraid.CredentialsProviderOptions{
-            ClientID: "test-client-id",
+        CredentialsProviderOptions: entraid.CredentialsProviderOptions{},
+        ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
+            UserAssignedObjectID: "test-managed-id",
+            ManagedIdentityType:  identity.UserAssignedObjectID,
+            Scopes:               []string{identity.RedisScopeDefault},
         },
     })
     if err != nil {
@@ -652,8 +653,11 @@ func TestManagedIdentityProvider(t *testing.T) {
 func TestRedisConnection(t *testing.T) {
     // Create provider
     provider, err := entraid.NewManagedIdentityCredentialsProvider(entraid.ManagedIdentityCredentialsProviderOptions{
-        CredentialsProviderOptions: entraid.CredentialsProviderOptions{
-            ClientID: os.Getenv("AZURE_CLIENT_ID"),
+        CredentialsProviderOptions: entraid.CredentialsProviderOptions{},
+        ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
+            UserAssignedObjectID: os.Getenv("AZURE_CLIENT_ID"),
+            ManagedIdentityType:  identity.UserAssignedObjectID,
+            Scopes:               []string{identity.RedisScopeDefault},
         },
     })
     if err != nil {

credentials_provider_test.go

@@ -20,7 +20,6 @@ func TestCredentialsProviderErrorScenarios(t *testing.T) {
 		// Create a test provider with invalid options
 		options := ConfidentialCredentialsProviderOptions{
 			CredentialsProviderOptions: CredentialsProviderOptions{
-				ClientID: "test-client-id",
 				TokenManagerOptions: manager.TokenManagerOptions{
 					ExpirationRefreshRatio: 0.7,
 				},
@@ -43,7 +42,6 @@ func TestCredentialsProviderErrorScenarios(t *testing.T) {
 		// Create a test provider with invalid options
 		options := ConfidentialCredentialsProviderOptions{
 			CredentialsProviderOptions: CredentialsProviderOptions{
-				ClientID: "test-client-id",
 				TokenManagerOptions: manager.TokenManagerOptions{
 					ExpirationRefreshRatio: 0.7,
 				},
@@ -66,7 +64,6 @@ func TestCredentialsProviderErrorScenarios(t *testing.T) {
 		// Create a test provider with invalid options
 		options := ManagedIdentityCredentialsProviderOptions{
 			CredentialsProviderOptions: CredentialsProviderOptions{
-				ClientID: "test-client-id",
 				TokenManagerOptions: manager.TokenManagerOptions{
 					ExpirationRefreshRatio: 0.7,
 				},
@@ -86,7 +83,6 @@ func TestCredentialsProviderErrorScenarios(t *testing.T) {
 		// Create a test provider with invalid options
 		options := DefaultAzureCredentialsProviderOptions{
 			CredentialsProviderOptions: CredentialsProviderOptions{
-				ClientID: "test-client-id",
 				TokenManagerOptions: manager.TokenManagerOptions{
 					ExpirationRefreshRatio: 0.7,
 				},
@@ -308,7 +304,6 @@ func TestCredentialsProviderSubscribe(t *testing.T) {
 	// Create a test provider
 	opts := ConfidentialCredentialsProviderOptions{
 		CredentialsProviderOptions: CredentialsProviderOptions{
-			ClientID: "test-client-id",
 			TokenManagerOptions: manager.TokenManagerOptions{
 				ExpirationRefreshRatio: 0.7,
 			},

examples/entraid/managedidentity_systemassigned/main.go

@@ -33,9 +33,8 @@ func main() {
 			},
 		},
 		ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
-			// For system-assigned identity, we don't need to specify ClientID
 			Scopes:              cfg.GetRedisScopes(),
-			ManagedIdentityType: "SystemAssigned",
+			ManagedIdentityType: identity.SystemAssignedIdentity,
 		},
 	})
 	if err != nil {

examples/entraid/managedidentity_systemassigned_min/go.mod

@@ -0,0 +1,31 @@
+module managedidentity_systemassigned
+
+go 1.23.4
+
+require (
+	config v0.0.0
+	github.com/redis/go-redis-entraid v1.0.1
+	github.com/redis/go-redis/v9 v9.9.0
+)
+
+replace (
+	config => ../config
+	github.com/redis/go-redis-entraid => ../../../
+)
+
+require (
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/kylelemons/godebug v1.1.0 // indirect
+	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
+	golang.org/x/crypto v0.38.0 // indirect
+	golang.org/x/net v0.40.0 // indirect
+	golang.org/x/sys v0.33.0 // indirect
+	golang.org/x/text v0.25.0 // indirect
+)

examples/entraid/managedidentity_systemassigned_min/go.sum

@@ -0,0 +1,61 @@
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0 h1:g0EZJwz7xkXQiZAI5xi9f3WWFYBlX1CPTrR+NDToRkQ=
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0/go.mod h1:XCW7KnZet0Opnr7HccfUw1PLc4CjHqpcaxW8DHklNkQ=
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0-beta.1 h1:iw4+KCeCoieuKodp1d5YhAa1TU/GgogCbw8RbGvsfLA=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0-beta.1/go.mod h1:AP8cDnDTGIVvayqKAhwzpcAyTJosXpvLYNmVFJb98x8=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.0/go.mod h1:JdM5psgjfBf5fo2uWOZhflPWyDBZ/O/CNAH9CtsuZE4=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.2.3 h1:BAUsn6/icUFtvUalVwCO0+hSF7qgU9DwwcEfCvtILtw=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.2.3/go.mod h1:QlAsNp4gk9zLD2wiZIvIuv699ynpZ2Tq2ZBp+6MrSEw=
+github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY=
+github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY=
+github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1/go.mod h1:j2chePtV91HrC22tGoRX3sGY42uF13WzmmV80/OdVAA=
+github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1 h1:WJTmL004Abzc5wDB5VtZG2PJk5ndYDgVacGqfirKxjM=
+github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1/go.mod h1:tCcJZ0uHAmvjsVYzEFivsRTN00oz5BEsRgQHu5JZ9WE=
+github.com/AzureAD/microsoft-authentication-library-for-go v1.4.1 h1:8BKxhZZLX/WosEeoCvWysmKUscfa9v8LIPEEU0JjE2o=
+github.com/AzureAD/microsoft-authentication-library-for-go v1.4.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
+github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
+github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs=
+github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c=
+github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
+github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0=
+github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
+github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
+github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
+github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
+github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6 h1:IsMZxCuZqKuao2vNdfD82fjjgPLfyHLpR41Z88viRWs=
+github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6/go.mod h1:3VeWNIJaW+O5xpRQbPp0Ybqu1vJd/pm7s2F473HRrkw=
+github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
+github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
+github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=
+github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/redis/go-redis/v9 v9.5.3-0.20250519143649-1628b87c162b h1:I6Y+sXfQLIUo8vkx+EcuTcAcs0ZnPceNe8cdQ0HsjQI=
+github.com/redis/go-redis/v9 v9.5.3-0.20250519143649-1628b87c162b/go.mod h1:huWgSWd8mW6+m0VPhJjSSQ+d6Nh1VICQ6Q5lHuCH/Iw=
+github.com/redis/go-redis/v9 v9.9.0/go.mod h1:huWgSWd8mW6+m0VPhJjSSQ+d6Nh1VICQ6Q5lHuCH/Iw=
+github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus=
+golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=
+golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw=
+golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8=
+golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk=
+golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
+golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
+golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
+golang.org/x/text v0.25.0/go.mod h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

examples/entraid/managedidentity_systemassigned_min/main.go

@@ -0,0 +1,122 @@
+package main
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"os"
+	"time"
+
+	"config"
+
+	entraid "github.com/redis/go-redis-entraid"
+	"github.com/redis/go-redis-entraid/identity"
+	"github.com/redis/go-redis/v9"
+)
+
+func main() {
+	ctx := context.Background()
+
+	// Load configuration
+	cfg, err := config.LoadConfig(os.Getenv("REDIS_ENDPOINTS_CONFIG_PATH"))
+	if err != nil {
+		log.Fatalf("Failed to load config: %v", err)
+	}
+
+	// Create a managed identity credentials provider for system-assigned identity
+	cp, err := entraid.NewManagedIdentityCredentialsProvider(entraid.ManagedIdentityCredentialsProviderOptions{
+		ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
+			ManagedIdentityType: identity.SystemAssignedIdentity,
+		},
+	})
+	if err != nil {
+		log.Fatalf("Failed to create credentials provider: %v", err)
+	}
+
+	// Create Redis client with streaming credentials provider
+	opts, err := redis.ParseURL(cfg.Endpoints["standalone-entraid-acl"].Endpoints[0])
+	if err != nil {
+		log.Fatalf("Failed to parse Redis URL: %v", err)
+	}
+	opts.StreamingCredentialsProvider = cp
+	redisClient := redis.NewClient(opts)
+
+	// Create second Redis client for cluster
+	clusterOpts, err := redis.ParseURL(cfg.Endpoints["cluster-entraid-acl"].Endpoints[0])
+	if err != nil {
+		log.Fatalf("Failed to parse Redis URL: %v", err)
+	}
+	clusterClient := redis.NewClusterClient(&redis.ClusterOptions{
+		Addrs:                        []string{clusterOpts.Addr},
+		StreamingCredentialsProvider: cp,
+	})
+
+	// Test the connection
+	pong, err := redisClient.Ping(ctx).Result()
+	if err != nil {
+		log.Fatalf("Failed to ping Redis: %v", err)
+	}
+	fmt.Printf("Successfully connected to Redis standalone: %s\n", pong)
+
+	// Test cluster connection
+	clusterPong, err := clusterClient.Ping(ctx).Result()
+	if err != nil {
+		log.Fatalf("Failed to ping Redis cluster: %v", err)
+	}
+	fmt.Printf("Successfully connected to Redis cluster: %s\n", clusterPong)
+
+	// Set a test key
+	err = redisClient.Set(ctx, "test-key", "test-value", 0).Err()
+	if err != nil {
+		log.Fatalf("Failed to set test key: %v", err)
+	}
+
+	// Get the test key
+	val, err := redisClient.Get(ctx, "test-key").Result()
+	if err != nil {
+		log.Fatalf("Failed to get test key: %v", err)
+	}
+	fmt.Printf("Retrieved value from standalone: %s\n", val)
+
+	// Set a test key in cluster
+	err = clusterClient.Set(ctx, "test-key", "test-value", 0).Err()
+	if err != nil {
+		log.Fatalf("Failed to set test key in cluster: %v", err)
+	}
+
+	// Get the test key from cluster
+	clusterVal, err := clusterClient.Get(ctx, "test-key").Result()
+	if err != nil {
+		log.Fatalf("Failed to get test key from cluster: %v", err)
+	}
+	fmt.Printf("Retrieved value from cluster: %s\n", clusterVal)
+
+	// Wait for token to expire
+	fmt.Println("Waiting for token to expire...")
+	time.Sleep(3 * time.Second)
+
+	// Test token refresh by retrying operations
+	fmt.Println("Testing token refresh...")
+
+	// Retry standalone operations
+	for i := 0; i < 3; i++ {
+		pong, err = redisClient.Ping(ctx).Result()
+		if err != nil {
+			log.Printf("Failed to ping Redis (attempt %d): %v", i+1, err)
+			continue
+		}
+		fmt.Printf("Successfully pinged Redis standalone after token refresh: %s\n", pong)
+		break
+	}
+
+	// Retry cluster operations
+	for i := 0; i < 3; i++ {
+		clusterPong, err = clusterClient.Ping(ctx).Result()
+		if err != nil {
+			log.Printf("Failed to ping Redis cluster (attempt %d): %v", i+1, err)
+			continue
+		}
+		fmt.Printf("Successfully pinged Redis cluster after token refresh: %s\n", clusterPong)
+		break
+	}
+}

examples/entraid/managedidentity_userassigned/main.go

@@ -27,7 +27,6 @@ func main() {
 	// Create a managed identity credentials provider for user-assigned identity
 	cp, err := entraid.NewManagedIdentityCredentialsProvider(entraid.ManagedIdentityCredentialsProviderOptions{
 		CredentialsProviderOptions: entraid.CredentialsProviderOptions{
-			ClientID: cfg.AzureClientID,
 			TokenManagerOptions: manager.TokenManagerOptions{
 				ExpirationRefreshRatio: 0.001,           // Set to refresh very early
 				LowerRefreshBound:      time.Second * 1, // Set lower bound to 1 second