Crate azure_identity

Azure Identity crate for the unofficial Microsoft Azure SDK for Rust. This crate is part of a collection of crates: for more information please refer to https://github.com/azure/azure-sdk-for-rust. This crate provides mechanisms for several ways to authenticate against Azure

For example, to authenticate using the recommended DefaultAzureCredential, you can do the following:

use azure_core::{auth::TokenCredential, Url};
use azure_identity::{DefaultAzureCredential};

use std::env;
use std::error::Error;

#[tokio::main]
async fn main() -> Result<(), Box<dyn Error>> {
    let credential = DefaultAzureCredential::default();
    let response = credential
        .get_token(&["https://management.azure.com/.default"])
        .await?;

    let subscription_id = env::var("AZURE_SUBSCRIPTION_ID")?;
    let url = Url::parse(&format!(
        "https://management.azure.com/subscriptions/{}/providers/Microsoft.Storage/storageAccounts?api-version=2019-06-01",
        subscription_id))?;
    let response = reqwest::Client::new()
        .get(url)
        .header("Authorization", format!("Bearer {}", response.token.secret()))
        .send()
        .await?
        .text()
        .await?;

    println!("{:?}", response);
    Ok(())
}

The supported authentication flows are:

• Authorization code flow.
• Client credentials flow.
• Device code flow.

This crate also includes utilities for handling refresh tokens and accessing token credentials from many different sources.

Modules

• authorization_code_flow
  Authorize using the authorization code flow
• client_credentials_flow
  Authorize using the OAuth 2.0 client credentials flow
• development
  Utilities for aiding in development
• device_code_flow
  Authorize using the device authorization grant flow
• federated_credentials_flow
  Authorize using the OAuth 2.0 client credentials flow with federated credentials.
• refresh_token
  Refresh token utilities
• tenant_ids
  A list of tenant IDs

Structs

• AzureCliCredential
  Enables authentication to Azure Active Directory using Azure CLI to obtain an access token.
• CertificateCredentialOptions
  Provides options to configure how the Identity library makes authentication requests to Azure Active Directory.
• ClientCertificateCredential
  Enables authentication to Azure Active Directory using a client certificate that was generated for an App Registration.
• ClientSecretCredential
  Enables authentication to Azure Active Directory using a client secret that was generated for an App Registration.
• DefaultAzureCredential
  Provides a default TokenCredential authentication flow for applications that will be deployed to Azure.
• DefaultAzureCredentialBuilder
  Provides a mechanism of selectively disabling credentials used for a DefaultAzureCredential instance
• EnvironmentCredential
  Enables authentication with Workflows Identity if either AZURE_FEDERATED_TOKEN or AZURE_FEDERATED_TOKEN_FILE is set, otherwise enables authentication to Azure Active Directory using client secret, or a username and password.
• ImdsManagedIdentityCredential
  Attempts authentication using a managed identity that has been assigned to the deployment environment.
• TokenCredentialOptions
  Provides options to configure how the Identity library makes authentication requests to Azure Active Directory.
• WorkloadIdentityCredential
  Enables authentication to Azure Active Directory using a client secret that was generated for an App Registration.

Enums

• DefaultAzureCredentialEnum
  Types of TokenCredential supported by DefaultAzureCredential