Crate azure_identity
source · [−]Expand description
Azure Identity crate for the unofficial Microsoft Azure SDK for Rust. This crate is part of a collection of crates: for more information please refer to https://github.com/azure/azure-sdk-for-rust. This crate provides mechanisms for several ways to authenticate against Azure
For example, to authenticate using the recommended DefaultAzureCredential, you can do the following:
use azure_identity::{DefaultAzureCredential, TokenCredential};
use url::Url;
use std::env;
use std::error::Error;
#[tokio::main]
async fn main() -> Result<(), Box<dyn Error>> {
let credential = DefaultAzureCredential::default();
let response = credential
.get_token("https://management.azure.com")
.await?;
let subscription_id = env::var("AZURE_SUBSCRIPTION_ID")?;
let url = Url::parse(&format!(
"https://management.azure.com/subscriptions/{}/providers/Microsoft.Storage/storageAccounts?api-version=2019-06-01",
subscription_id))?;
let response = reqwest::Client::new()
.get(url)
.header("Authorization", format!("Bearer {}", response.token.secret()))
.send()
.await?
.text()
.await?;
println!("{:?}", response);
Ok(())
}
The supported authentication flows are:
This crate also includes utilities for handling refresh tokens and accessing token credentials from many different sources.
Modules
A list of known Azure authority hosts
Authorize using the authorization code flow
Authorize using the OAuth 2.0 client credentials flow
Utilities for aiding in development
Authorize using the device authorization grant flow
Refresh token utilities
A list of tenant IDs
Structs
Wraps a TokenCredential and handles token refresh on token expiry
Enables authentication to Azure Active Directory using Azure CLI to obtain an access token.
Enables authentication to Azure Active Directory using a client secret that was generated for an App Registration.
Provides a default TokenCredential
authentication flow for applications that will be deployed to Azure.
Provides a mechanism of selectively disabling credentials used for a DefaultAzureCredential
instance
Enables authentication to Azure Active Directory using client secret, or a username and password.
Attempts authentication using a managed identity that has been assigned to the deployment environment.
Provides options to configure how the Identity library makes authentication requests to Azure Active Directory.
Enums
Types of TokenCredential supported by DefaultAzureCredential
Errors specific to identity services
Traits
Represents a credential capable of providing an OAuth token. Same as azure_core::auth::TokenCredential, except a more specific error is returned.