Crate azure_identity
source ·Expand description
Azure Identity crate for the unofficial Microsoft Azure SDK for Rust. This crate is part of a collection of crates: for more information please refer to https://github.com/azure/azure-sdk-for-rust.
This crate provides several implementations of the azure_core::auth::TokenCredential trait.
It is recommended to start with azure_identity::create_credential()?
, which will create an instance of DefaultAzureCredential
by default. If you want to use a specific credential type, the AZURE_CREDENTIAL_KIND
environment variable may be set to a value from azure_credential_kinds
, such as azurecli
or virtualmachine
.
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let subscription_id =
std::env::var("AZURE_SUBSCRIPTION_ID").expect("AZURE_SUBSCRIPTION_ID required");
let credential = azure_identity::create_credential()?;
// Let's enumerate the Azure storage accounts in the subscription using the REST API directly.
// This is just an example. It is easier to use the Azure SDK for Rust crates.
let url = url::Url::parse(&format!("https://management.azure.com/subscriptions/{subscription_id}/providers/Microsoft.Storage/storageAccounts?api-version=2019-06-01"))?;
let access_token = credential
.get_token(&["https://management.azure.com/.default"])
.await?;
let response = reqwest::Client::new()
.get(url)
.header(
"Authorization",
format!("Bearer {}", access_token.token.secret()),
)
.send()
.await?
.text()
.await?;
println!("{response}");
Ok(())
}
The supported authentication flows are:
Modules§
- Authorize using the authorization code flow
- Authorize using the OAuth 2.0 client credentials flow
- Utilities for aiding in development
- Authorize using the device authorization grant flow
- Authorize using the OAuth 2.0 client credentials flow with federated credentials.
- Refresh token utilities
- A list of tenant IDs
Structs§
- Enables authentication to Azure Active Directory using Azure CLI to obtain an access token.
- Enables authentication to Azure Active Directory using Azure CLI to obtain an access token.
- Enables authentication to Azure Active Directory using a client certificate that was generated for an App Registration.
- Provides options to configure how the Identity library makes authentication requests to Azure Active Directory.
- Enables authentication to Azure Active Directory using a client secret that was generated for an App Registration.
- Provides a default
TokenCredential
authentication flow for applications that will be deployed to Azure. - Provides a mechanism of selectively disabling credentials used for a
DefaultAzureCredential
instance - Enables authentication with Workflows Identity if either
AZURE_FEDERATED_TOKEN
orAZURE_FEDERATED_TOKEN_FILE
is set, otherwise enables authentication to Azure Active Directory using client secret, or a username and password. - Provides options to configure how the Identity library makes authentication requests to Azure Active Directory.
- Enables authentication to Azure Active Directory using a client secret that was generated for an App Registration.
Enums§
- Authentication Mode
Constants§
Functions§
- Creates a
DefaultAzureCredential
by default with default options. IfAZURE_CREDENTIAL_KIND
environment variable is set, it creates aSpecificAzureCredential
with default options. - Creates a new
DefaultAzureCredential
with the default options. - Creates a new
SpecificAzureCredential
with the default options.
Type Aliases§
- CertificateCredentialOptionsDeprecatedAlias of CertificateCredentialOptions for backwards compatibility.