1.4.0b4 (2020-06-09)
ManagedIdentityCredential
can configure a user-assigned identity using any
identifier supported by the current hosting environment. To specify an
identity by its client ID, continue using theclient_id
argument. To
specify an identity by any other ID, use theidentity_config
argument,
for example:ManagedIdentityCredential(identity_config={"object_id": ".."})
(#10989)CertificateCredential
andClientSecretCredential
can optionally store
access tokens they acquire in a persistent cache. To enable this, construct
the credential withenable_persistent_cache=True
. On Linux, the persistent
cache requires libsecret andpygobject
. If these are unavailable or
unusable (e.g. in an SSH session), loading the persistent cache will raise an
error. You may optionally configure the credential to fall back to an
unencrypted cache by constructing it with keyword argument
allow_unencrypted_cache=True
.
(#11347)AzureCliCredential
raisesCredentialUnavailableError
when no user is
logged in to the Azure CLI.
(#11819)AzureCliCredential
andVSCodeCredential
, which enable authenticating as
the identity signed in to the Azure CLI and Visual Studio Code, respectively,
can be imported fromazure.identity
andazure.identity.aio
.azure.identity.aio.AuthorizationCodeCredential.get_token()
no longer accepts
optional keyword argumentsexecutor
orloop
. Prior versions of the method
didn't use these correctly, provoking exceptions, and internal changes in this
version have made them obsolete.InteractiveBrowserCredential
raisesCredentialUnavailableError
when it
can't start an HTTP server onlocalhost
.
(#11665)- When constructing
DefaultAzureCredential
, you can now configure a tenant ID
forInteractiveBrowserCredential
. When none is specified, the credential
authenticates users in their home tenants. To specify a different tenant, use
the keyword argumentinteractive_browser_tenant_id
, or set the environment
variableAZURE_TENANT_ID
.
(#11548) SharedTokenCacheCredential
can be initialized with anAuthenticationRecord
provided by a user credential.
(#11448)- The user authentication API added to
DeviceCodeCredential
and
InteractiveBrowserCredential
in 1.4.0b3 is available on
UsernamePasswordCredential
as well.
(#11449) - The optional persistent cache for
DeviceCodeCredential
and
InteractiveBrowserCredential
added in 1.4.0b3 is now available on Linux and
macOS as well as Windows.
(#11134)- On Linux, the persistent cache requires libsecret and
pygobject
. If these
are unavailable, or libsecret is unusable (e.g. in an SSH session), loading
the persistent cache will raise an error. You may optionally configure the
credential to fall back to an unencrypted cache by constructing it with
keyword argumentallow_unencrypted_cache=True
.
- On Linux, the persistent cache requires libsecret and