azure-devops-cli-extension icon indicating copy to clipboard operation
azure-devops-cli-extension copied to clipboard

Published 20 hours ago verified publisher icon Azure

Support for service principal for `get_access_token_for_resource`

Open roshan-sy opened this issue 2 years ago • 0 comments

The old implementation of get_access_token_for_resource doesn't work for service principal and managed identity, and that's why it is not recommended and removed in the MSAL migration:

https://github.com/Azure/azure-cli/blob/14cc787d0f58bc649d402b486fdecc5625eee9ac/src/azure-cli-core/azure/cli/core/_profile.py#L531-L535

    def get_access_token_for_resource(self, username, tenant, resource):
        tenant = tenant or 'common'
        _, access_token, _ = self._creds_cache.retrieve_token_for_user(
            username, tenant, resource)
        return access_token

Originally posted by @jiasli in https://github.com/Azure/azure-devops-cli-extension/pull/1226#discussion_r745319137

roshan-sy avatar Nov 09 '21 10:11 roshan-sy