Guidance on how to use with password-less login with Azure Service Principal or Managed Identity

[sivawba]

Environment

No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 9.13 (stretch)
Release:        9.13
Codename:       stretch
Linux 2d6c2ce35519 5.10.25-linuxkit #1 SMP Tue Mar 23 09:27:39 UTC 2021 x86_64 GNU/Linux

TinyTDS Version and Information

     MS db-lib source compatibility: no
        Sybase binary compatibility: no
                      Thread safety: yes
                      iconv library: yes
                        TDS version: 7.3
                              iODBC: no
                           unixodbc: no
              SSPI "trusted" logins: no
                           Kerberos: no
                            OpenSSL: yes
                             GnuTLS: no
                               MARS: yes

FreeTDS Version

freetds-1.1.24 && ./configure --prefix=/usr/local --with-tdsver=7.3 --with-openssl=/usr/bin && make && make install

Description

Stack:

Rails 5.2
Ruby 2.3.0
tiny_tds 2.1.5
freetds 1.1.24
activerecord-sqlserver-adapter 5.2.0

We are trying to port a Rails application to Azure cloud and would like to use Azure Service Principal or Managed Identity instead of the database.yml username/password, while connecting to Azure SQL-MI

Is it possible to do this without specifying username/password in database.yml by using access_token from Azure IMDS endpoint as shown here for Python?

Any pointers on how to accomplish this would be greatly helpful. Thanks again for a great library that is helping us move forward with the port.

[Michoels]

It's not possible yet. FreeTDS doesn't support Azure AD login (Now rebranded as Microsoft Entra ID) at the moment.

We need to wait until FreeTDS adds support, and then TinyTDS will be able to add it.

Here's the relevant FreeTDS issue.