Open ganapathysuresh opened 10 months ago
@sureshganapathylgri Thanks for reaching out. I want to understand your use case a bit better. Can you provide more details on what you are trying to accomplish here (what you were doing in C# which now you want to do in C++)? For example, which Azure C++ SDK library and service are you trying to use with a public credential?
Also, PublicClientConfigurationBuilder
is an MSAL type for .NET, which is a different abstraction than TokenCredential
. Are you using that through the Azure.Identity
library for .NET, and if so, how?
Sorry for the ambiguity... Let me simplify my query:
In https://github.com/Azure/azure-sdk-for-cpp/tree/main/sdk/identity/azure-identity/src, do have support for public clients ?
public clients are supported in .NET/C++ via PublicClientConfigurationBuilder. In Azure SDK cpp, how can I get token from Azure AD without sending client secret?
In https://github.com/Azure/azure-sdk-for-cpp/tree/main/sdk/identity/azure-identity/src, do have support for public clients ?
That's a good question. Currently, we don't.
We'll take your feature request into consideration and route it appropriately.
To help with prioritization, could you share more details on what you are trying to do in your application. If we add support for this in C++, which Azure service or SDK would you use this public credential with (for example Storage Blobs, KeyVault, etc...).
public clients are supported in .NET/C++ via PublicClientConfigurationBuilder
To clarify, that is a .NET type and feature, and not related to C++.
My use case is : A Desktop Client/UI application written in C++ which need to get token from Azure AD. As this application will run in end user's desktop, I do not and can not have access to Client Secret.
In such case, I can not use Azure SDK unless public client flow is supported. I gave .NET example to show public client flow is supported elsewhere but not in Azure SDK for cpp.
Kindly let me know if you will be prioritise this feature (public client flow) in your SDK
Is your feature request related to a problem? Please describe. Azure Identity support ClientSecretCredential which is used to get token by supplying client secret. This is good for a confidential client. But for public client, we need to support the method of getting token without supplying the client secret
Describe the solution you'd like A new class derived from TokenCredential should be implemented which needs only Tenant id, client id and redirection url and the public client flow will be implemented in this new class , say PublicClientCredential
Describe alternatives you've considered This is only method inline with other TokenCredentials. So alternative considered as that will violate existing TokenCredentails
Additional context We need to attempt C# equivalent of PublicClientConfigurationBuilder. Also we may attempt to optionally support .NET feature of "withBroker" feature to support SSO
Information Checklist Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report