For managed identity authentication, replace `--username` with `--client-id`, `--object-id` and `--resource-id`

[jiasli]

Related command az login --identity

Is your feature request related to a problem? Please describe. As mentioned in https://github.com/AzureAD/microsoft-authentication-library-for-python/pull/480#discussion_r1143912420, Azure CLI does not surface an "identity ID type" concept, therefore the usage pattern is based on trial-and-error:

https://github.com/Azure/azure-cli/blob/235c3554b7d79d33544c70dee12d66154abe74a9/src/azure-cli-core/azure/cli/core/_profile.py#L229-L253

Reusing --username for 3 types of IDs is inefficient and can be confusing to command readers (https://github.com/Azure/azure-cli/pull/29198#discussion_r1645196423).

Describe the solution you'd like Replace --username with --client-id, --object-id and --resource-id for managed identity authentication.

Describe alternatives you've considered

Additional context --service-principal may require similar changes: https://github.com/Azure/azure-cli/issues/29481

[yonzhan]

Thank you for opening this issue, we will look into it.

[github-actions[bot]]

Here are some similar issues that might help you. Please check if they can solve your problem.

• 29481

[jiasli]

Azure PowerShell cmdlet Connect-AzAccount only supports client ID and Resource ID. Object ID is not supported: https://learn.microsoft.com/en-us/powershell/module/az.accounts/connect-azaccount?view=azps-12.1.0#-accountid