Since we shipped the first Azure Identity library preview in June 2019, it has been a vital part of building Azure cloud solutions. We have received great feedback from our development community and have added new features and have fixed many bugs. However, most of the changes have been in preview in the past few months. Today, we are proud to share the stable release in .NET, Java, Python, and JavaScript/TypeScript with you. This blog will give you a brief introduction to what we are bringing in this release.
In this release, we have added support for more environments and developer platforms, without compromising the simplicity of the DefaultAzureCredential class. It’s now easier than ever to authenticate your cloud application on your local workstation, with your choice of IDE or developer tool. When the application is deployed to Azure, you are given more control and insights on how your application is authenticated.
Getting Started
Use the links below to find the August release of each language:
DefaultAzureCredential Updates
In the Azure Identity November 2019 release, DefaultAzureCredential supported reading credentials from environment variables, Managed Identity, Windows shared token cache, and interactively in the browser (for .NET & Python), in that order. In this new release, DefaultAzureCredential is much more powerful, supporting a set of new environments in the following order (a merged list of all languages):
- Environment – The
DefaultAzureCredentialwill read account information specified via environment variables and use it to authenticate. - Managed Identity – If the application is deployed to an Azure host with Managed Identity enabled, the
DefaultAzureCredentialwill authenticate with that account. - Shared Token Cache (updated, .NET, Java, Python only) – Shared token cache is now also supported on Mac OS and Linux, in addition to Windows. If the developer has authenticated via tools that write to the shared token cache, the
DefaultAzureCredentialwill authenticate with that account. - IntelliJ (new, Java only) – If the developer has authenticated via Azure Toolkit for IntelliJ, the
DefaultAzureCredentialwill authenticate with that account. - Visual Studio (new, .NET only) – If the developer has authenticated via Visual Studio, the
DefaultAzureCredentialwill authenticate with that account. - Visual Studio Code (new) – If the developer has authenticated via the Visual Studio Code Azure Account extension, the
DefaultAzureCredentialwill authenticate with that account. - Azure CLI (new) – If the developer has authenticated an account via the Azure CLI
az logincommand, theDefaultAzureCredentialwill authenticate with that account. - Interactive (.NET, Python only) – If enabled the
DefaultAzureCredentialwill interactively authenticate the developer via the current system’s default browser.
Using the DefaultAzureCredential remains the same as the previous releases:
// .NET
var client = new SecretClient(new Uri(keyVaultUrl), new DefaultAzureCredential());
// Java
DefaultAzureCredential credential = new DefaultAzureCredentialBuilder().build();
SecretClient secretClient = new SecretClientBuilder()
.vaultUrl(keyVaultUrl)
.credential(credential)
.buildClient();
// JavaScript
const client = new SecretClient(keyVaultUrl, new DefaultAzureCredential());
## Python
client = SecretClient(vault_url, DefaultAzureCredential())
More Credential Types
Not only is the DefaultAzureCredential updated to support these environments, you can also pick the specific credential to use. Here are the list of credentials grouped by usage types:
#azure sdk #azure #azuresdk #identity #java #sdk
