From Uday:
the doc Id.Web 2.x wiki is a bit confusing, since PodIdentity has been deprecated by AKS. And it is really Azure workload identity that supports federation, pod identity did not. So the docs can be super confusing for someone who is trying to figure things out.
so PodIdentityClientAssertion is not the right terminology to use.
It's still the same experience: of taking a token from a file and exchanging it for AAD token, for Kubernetes scenarios; Use an Azure AD workload identities (preview) on Azure Kubernetes Service (AKS) - Azure Kubernetes Service | Microsoft Learn
Use an Azure AD workload identities (preview) on Azure Kubernetes Service (AKS) - Azure Kubernetes Service
Learn about Azure Active Directory workload identity (preview) for Azure Kubernetes Service (AKS) and how to migrate your application to authenticate using this identity.
it's called Azure workload identity for kubernetes
Reproduction steps
From Uday:
the doc Id.Web 2.x wiki is a bit confusing, since PodIdentity has been deprecated by AKS. And it is really Azure workload identity that supports federation, pod identity did not. So the docs can be super confusing for someone who is trying to figure things out.
so PodIdentityClientAssertion is not the right terminology to use.
It's still the same experience: of taking a token from a file and exchanging it for AAD token, for Kubernetes scenarios; Use an Azure AD workload identities (preview) on Azure Kubernetes Service (AKS) - Azure Kubernetes Service | Microsoft Learn
Use an Azure AD workload identities (preview) on Azure Kubernetes Service (AKS) - Azure Kubernetes Service
Learn about Azure Active Directory workload identity (preview) for Azure Kubernetes Service (AKS) and how to migrate your application to authenticate using this identity.
it's called Azure workload identity for kubernetes
Error message
No response
Id Web logs
No response
Relevant code snippets
N/A
Regression
No response
Expected behavior
Instead of PodIdentity, expose AzureWorkloadIdentityForKubernetes
Microsoft.Identity.Web Library
Microsoft.Identity.Web.CertificateLess
Microsoft.Identity.Web version
2.x-preview
Web app
Not Applicable
Web API
Not Applicable
Token cache serialization
Not Applicable
Description
From Uday: the doc Id.Web 2.x wiki is a bit confusing, since PodIdentity has been deprecated by AKS. And it is really Azure workload identity that supports federation, pod identity did not. So the docs can be super confusing for someone who is trying to figure things out.
so PodIdentityClientAssertion is not the right terminology to use. It's still the same experience: of taking a token from a file and exchanging it for AAD token, for Kubernetes scenarios; Use an Azure AD workload identities (preview) on Azure Kubernetes Service (AKS) - Azure Kubernetes Service | Microsoft Learn Use an Azure AD workload identities (preview) on Azure Kubernetes Service (AKS) - Azure Kubernetes Service Learn about Azure Active Directory workload identity (preview) for Azure Kubernetes Service (AKS) and how to migrate your application to authenticate using this identity.
it's called Azure workload identity for kubernetes
Reproduction steps
From Uday: the doc Id.Web 2.x wiki is a bit confusing, since PodIdentity has been deprecated by AKS. And it is really Azure workload identity that supports federation, pod identity did not. So the docs can be super confusing for someone who is trying to figure things out.
so PodIdentityClientAssertion is not the right terminology to use. It's still the same experience: of taking a token from a file and exchanging it for AAD token, for Kubernetes scenarios; Use an Azure AD workload identities (preview) on Azure Kubernetes Service (AKS) - Azure Kubernetes Service | Microsoft Learn Use an Azure AD workload identities (preview) on Azure Kubernetes Service (AKS) - Azure Kubernetes Service Learn about Azure Active Directory workload identity (preview) for Azure Kubernetes Service (AKS) and how to migrate your application to authenticate using this identity.
it's called Azure workload identity for kubernetes
Error message
No response
Id Web logs
No response
Relevant code snippets
Regression
No response
Expected behavior
Instead of PodIdentity, expose AzureWorkloadIdentityForKubernetes