How can I use clientid, clientsecret and tenantid with DefaultAzureCredentials
?
Most examples ask to set the following env variables
AZURE_TENANT_ID
AZURE_CLIENT_ID
AZURE_CLIENT_SECRET
However, I want to pass these directly in my .NET code. How can I do that?
DefaultAzureCredentialOptions defaultAzureCredentialOptions = new DefaultAzureCredentialOptions()
{
TenantId = "xxxxxxxxxxxxxxxxx",
ExcludeInteractiveBrowserCredential = true,
ExcludeVisualStudioCredential = true,
ExcludeAzurePowerShellCredential = true,
ExcludeSharedTokenCacheCredential = true,
ExcludeVisualStudioCodeCredential = true
};
Note that: DefaultAzureCredential
Class by default depends on the environment. Refer this MsDoc
DefaultAzureCredential
is designed to depend on the environment and it cannot be changed.As you want to pass these values directly in the code, you can make use of below code as a workaround:
You can set the Environment variables in the code directly as it is required to do it by default
class Program
{
static void Main(string[] args)
{
string tenantId = "TenantID";
string clientId = "ClientID";
string clientSecret = "ClientSecret";
Environment.SetEnvironmentVariable("AZURE_TENANT_ID", tenantId);
Environment.SetEnvironmentVariable("AZURE_CLIENT_ID", clientId);
Environment.SetEnvironmentVariable("AZURE_CLIENT_SECRET", clientSecret);
Console.WriteLine("Setting Azure credentials as environment variables");
var defaultAzureCredentialOptions = new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = false,
ExcludeManagedIdentityCredential = true,
ExcludeSharedTokenCacheCredential = true,
ExcludeVisualStudioCredential = false,
ExcludeVisualStudioCodeCredential = false,
ExcludeAzureCliCredential = true,
ExcludeInteractiveBrowserCredential = true
};
var credential = new DefaultAzureCredential(defaultAzureCredentialOptions);
var accessToken = credential.GetToken(
new Azure.Core.TokenRequestContext(scopes: new[] { "https://graph.microsoft.com/.default" }));
Console.WriteLine($"Access Token: {accessToken.Token}");
}
}
Otherwise, you can make use of ClientSecretCredential Class where you can pass the values directly like below:
class Program
{
static void Main(string[] args)
{
string tenantId = "TenantID";
string clientId = "ClientID";
string clientSecret = "ClientSecret";
var credential = new ClientSecretCredential(tenantId, clientId, clientSecret);
var tokenRequestContext = new TokenRequestContext(new[] { "https://graph.microsoft.com/.default" });
var accessToken = credential.GetToken(tokenRequestContext);
Console.WriteLine($"Access Token: {accessToken.Token}");
}
}