#[non_exhaustive]pub enum Credentials {
SqlServer {
username: Cow<'static, str>,
password: Cow<'static, str>,
},
AzureAccessToken {
token: Cow<'static, str>,
},
AzureManagedIdentity {
client_id: Option<Cow<'static, str>>,
},
AzureServicePrincipal {
tenant_id: Cow<'static, str>,
client_id: Cow<'static, str>,
client_secret: Cow<'static, str>,
},
AzureDefault,
Certificate {
tenant_id: Cow<'static, str>,
client_id: Cow<'static, str>,
cert_path: Cow<'static, str>,
password: Option<Cow<'static, str>>,
},
}Expand description
Credentials for SQL Server authentication.
This enum represents the various authentication methods supported. Credentials are designed to minimize copying of sensitive data.
Variants (Non-exhaustive)§
This enum is marked as non-exhaustive
SqlServer
SQL Server authentication with username and password.
AzureAccessToken
Azure Active Directory / Entra ID access token.
AzureManagedIdentity
Azure Managed Identity (for VMs and containers).
AzureServicePrincipal
Azure Service Principal.
Fields
AzureDefault
Azure default credential chain (managed identity, then the signed-in
az / azd CLI session). Maps to Authentication=ActiveDirectoryDefault.
Certificate
Client certificate authentication (Azure AD service principal with an X.509 certificate).
The certificate authenticates to Microsoft Entra, which issues the access token used for the FEDAUTH login. This is NOT TDS-level mutual TLS — SQL Server does not accept client certificates at the protocol level.
Implementations§
Source§impl Credentials
impl Credentials
Sourcepub fn sql_server(
username: impl Into<Cow<'static, str>>,
password: impl Into<Cow<'static, str>>,
) -> Credentials
pub fn sql_server( username: impl Into<Cow<'static, str>>, password: impl Into<Cow<'static, str>>, ) -> Credentials
Create SQL Server credentials.
Sourcepub fn azure_token(token: impl Into<Cow<'static, str>>) -> Credentials
pub fn azure_token(token: impl Into<Cow<'static, str>>) -> Credentials
Create Azure access token credentials.
Sourcepub fn azure_default() -> Credentials
pub fn azure_default() -> Credentials
Create Azure default-credential-chain credentials
(Authentication=ActiveDirectoryDefault): managed identity, then the
signed-in az / azd CLI session.
Requires the azure-identity feature.
Sourcepub fn certificate(
tenant_id: impl Into<Cow<'static, str>>,
client_id: impl Into<Cow<'static, str>>,
cert_path: impl Into<Cow<'static, str>>,
password: Option<Cow<'static, str>>,
) -> Credentials
pub fn certificate( tenant_id: impl Into<Cow<'static, str>>, client_id: impl Into<Cow<'static, str>>, cert_path: impl Into<Cow<'static, str>>, password: Option<Cow<'static, str>>, ) -> Credentials
Create client-certificate (Azure AD service principal) credentials.
cert_path points at a PKCS#12 (.pfx) file, or a PEM file containing
both the certificate and its private key. The certificate authenticates
to Microsoft Entra, which issues the access token used for login.
Requires the cert-auth feature.
Sourcepub fn is_sql_auth(&self) -> bool
pub fn is_sql_auth(&self) -> bool
Check if these credentials use SQL authentication.
Sourcepub fn is_azure_ad(&self) -> bool
pub fn is_azure_ad(&self) -> bool
Check if these credentials use Azure AD.
Sourcepub fn method_name(&self) -> &'static str
pub fn method_name(&self) -> &'static str
Get the authentication method name.
Trait Implementations§
Source§impl Clone for Credentials
impl Clone for Credentials
Source§fn clone(&self) -> Credentials
fn clone(&self) -> Credentials
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source. Read moreSource§impl Debug for Credentials
impl Debug for Credentials
Source§impl From<Credentials> for SecureCredentials
Available on crate feature zeroize only.Convert from non-secure credentials to secure credentials.
impl From<Credentials> for SecureCredentials
zeroize only.Convert from non-secure credentials to secure credentials.