Clarification on use of user-assigned managed identity and GitHub-hosted runners

Open matsest opened this issue 4 months ago • 1 comments

The content of this action's README is conflicting with official guidance on MS Learn regarding the use of user-assigned managed identities (UAMI). The documentation listed above gives an example of a workflow to use with GitHub-hosted runners and UAMI.

The README in the repo, however, states:

"Login With User-assigned Managed Identity" is only supported on GitHub self-hosted runners and the self-hosted runners need to be hosted by Azure virtual machines.

and gives the example


name: Run Azure Login with User-assigned Managed Identity
on: [push]

jobs:
  build-and-deploy:
    runs-on: self-hosted
    steps:
      - name: Azure login
        uses: azure/login@v2
        with:
          auth-type: IDENTITY
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          enable-AzPSSession: true

where we can see runs-on: self-hosted and auth-type: IDENTITY.

From my own testing and long-time usage I can still use UAMI and GitHub-hosted runners with this action, when not setting auth-type to IDENTITY:

  • Workflow run: https://github.com/matsest/az-oidc-managed-identity-demo/actions/runs/11086989035/job/30805186207
  • Workflow file: https://github.com/matsest/az-oidc-managed-identity-demo/actions/runs/11086989035/workflow

When using the same UAMI and setting auth-type: IDENTITY I get errors (see run, workflow file): Error: Failed to connect to MSI, check your managed service identity id.

This is also tested by explicitly setting auth-type: SERVICE_PRINCIPAL (see run, workflow file) which again works fine.

Based on my testing and experience with managed identities I would assume that the restriction on using auth-type: IDENTITY and self-hosted runners only really applies to system-assigned managed identities?

matsest, Sep 29 '24 11:09
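
For comparison with the README example quoted in the issue, here is a sketch of the GitHub-hosted variant the issue describes as working. It is an added example, not part of the issue or of the action's README. It assumes the UAMI has a federated identity credential that trusts this repository's workflow (OIDC); the job name, runner label and final verification step are illustrative.

```yaml
name: Run Azure Login with UAMI on a GitHub-hosted runner
on: [push]

# Needed so the job can request a GitHub OIDC token for the federated login.
permissions:
  id-token: write
  contents: read

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest            # GitHub-hosted runner, not self-hosted
    steps:
      - name: Azure login
        uses: azure/login@v2
        with:
          # auth-type is deliberately left unset. The issue reports that this,
          # or an explicit auth-type: SERVICE_PRINCIPAL, works with a UAMI,
          # while auth-type: IDENTITY fails on a GitHub-hosted runner.
          client-id: ${{ secrets.AZURE_CLIENT_ID }}        # client ID of the UAMI
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

      # Assumed check: show which subscription and identity the login produced.
      - name: Confirm the signed-in context
        run: az account show --output table
```

No client secret is stored in this variant: the three values identify the identity and scope, and the token exchange depends on the federated credential configured on the UAMI.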