peombwa
commented
2 years ago Thanks for following up on this.
CAE support for Service Principals will be provided by https://github.com/Azure/azure-sdk-for-net/issues/31473. We are moving to Azure.Identity for authentication in v2 of the module. A public preview of v2 will be available soon.
CAE for SP is now in public preview. This SDK should support this functionality by adding
.WithClientCapabilities(new[] { "cp1" })
to the ConfidentialClientApplicationBuilder in src/Authentication/Authentication.Core/Utilities/AuthenticationHelpers.cs and testing that the claims challenge handlers are correct for SPs. For SPs, we should make a single attempt to reacquire the access token from Azure AD and then continue if the token is acquired and fail if the token is not acquired.