I am trying to connect to cosmos db table api using Managed Identity. According to the documentation
No
CodePudding user response:
I would do the following:
- Ensure you're on the latest version of the
Microsoft.Azure.Cosmos
package - Ensure that you're using Azure.Identity (MSAL) as opposed to Microsoft.Azure.Services.AppAuthentication (ADAL, which is deprecated)
- Ensure that you've enabled managed identity for your app
- Ensure that you've created a role assignment for that managed identity's object/application ID in your Cosmos database (either read only or read/write)
- Get a
CosmosClient
with something similar tovar cosmosClient = new CosmosClient('yourCosmosClientDBUrl', new DefaultAzureCredential());
DefaultAzureCredential
is the Azure.Identity way of getting your access token to a service - it tries to look for authentication info in the following order:
- Environment variables
- Managed identity injected into the environment
- Shared token cache credential
- Visual Studio credential
- Visual Studio Code credential
- AZ CLI credential
- Powershell Az credential
- Interactive credential (popup browser window)