How to use @azure/identity - 10 common examples

To help you get started, we’ve selected a few @azure/identity examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github Azure / azure-sdk-for-js / common / smoke-test / KeyVault.ts View on Github external
static async Run() {
    console.log(KeyVaultSecrets.dedent`
        ------------------------
        Key Vault - Secrets
        Identity - Credential
        ------------------------
        1) Set a secret
        2) Get that secret
        3) Delete that secret (Clean up the resource)
        `);

    // EnvironmentCredential expects the following three environment variables:
    // * AZURE_TENANT_ID: The tenant ID in Azure Active Directory
    // * AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
    // * AZURE_CLIENT_SECRET: The client secret for the registered application
    const credential = new EnvironmentCredential();
    const url = process.env["AZURE_PROJECT_URL"] || "";

    KeyVaultSecrets.client = new SecretsClient(url, credential);

    KeyVaultSecrets.secretName = `MySecretName-${uuidv1()}`;
    KeyVaultSecrets.secretValue = "MySecretValue";

    try {
      await KeyVaultSecrets.setSecret();
      await KeyVaultSecrets.getSecret();
    } catch (err) {
      throw err;
    } finally {
      await KeyVaultSecrets.deleteSecret();
    }
  }
github Azure / azure-sdk-for-js / sdk / keyvault / keyvault-keys / samples / typescript / helloWorld.ts View on Github external
async function main(): Promise {
  // DefaultAzureCredential expects the following three environment variables:
  // - AZURE_TENANT_ID: The tenant ID in Azure Active Directory
  // - AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
  // - AZURE_CLIENT_SECRET: The client secret for the registered application
  const credential = new DefaultAzureCredential();

  const vaultName = process.env["KEYVAULT_NAME"] || "";
  const url = `https://${vaultName}.vault.azure.net`;
  const client = new KeyClient(url, credential);

  const keyName = "MyKeyName";
  const ecKeyName = "MyECKeyName";
  const rsaKeyName = "MyRSAKeyName";

  // You can create keys using the general method
  const result = await client.createKey(keyName, "EC");
  console.log("key: ", result);

  // Or using specialized key creation methods
  const ecResult = await client.createEcKey(ecKeyName, { curve: "P-256" });
  const rsaResult = await client.createRsaKey(rsaKeyName, { keySize: 2048 });
github Azure / azure-sdk-for-js / sdk / storage / storage-queue / samples / javascript / azureAdAuth.js View on Github external
);
    return;
  }

  // ONLY AVAILABLE IN NODE.JS RUNTIME
  // DefaultAzureCredential will first look for Azure Active Directory (AAD)
  // client secret credentials in the following environment variables:
  //
  // - AZURE_TENANT_ID: The ID of your AAD tenant
  // - AZURE_CLIENT_ID: The ID of your AAD app registration (client)
  // - AZURE_CLIENT_SECRET: The client secret for your AAD app registration
  //
  // If those environment variables aren't found and your application is deployed
  // to an Azure VM or App Service instance, the managed service identity endpoint
  // will be used as a fallback authentication source.
  const defaultAzureCredential = new DefaultAzureCredential();

  const queueServiceClient = new QueueServiceClient(
    `https://${account}.queue.core.windows.net`,
    defaultAzureCredential
  );

  console.log(`List queues`);
  let i = 1;
  for await (const item of queueServiceClient.listQueues()) {
    console.log(`Queue ${i++}: ${item.name}`);
  }
}
github Azure / azure-sdk-for-js / sdk / keyvault / keyvault-certificates / samples / typescript / helloWorld.ts View on Github external
async function main(): Promise {
  // If you're using MSI, DefaultAzureCredential should "just work".
  // Otherwise, DefaultAzureCredential expects the following three environment variables:
  // - AZURE_TENANT_ID: The tenant ID in Azure Active Directory
  // - AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
  // - AZURE_CLIENT_SECRET: The client secret for the registered application
  const vaultName = process.env["KEYVAULT_NAME"] || "";
  const url = `https://${vaultName}.vault.azure.net`;
  const credential = new DefaultAzureCredential();

  const client = new CertificateClient(url, credential);

  const certificateName = "MyCertificate";

  // Creating a self-signed certificate
  const createPoller = await client.beginCreateCertificate(certificateName, DefaultCertificatePolicy);

  const pendingCertificate = createPoller.getResult();
  console.log("Certificate: ", pendingCertificate);

  // To read a certificate with their policy:
  let certificateWithPolicy = await client.getCertificate(certificateName);
  // Note: It will always read the latest version of the certificate.

  console.log("Certificate with policy:", certificateWithPolicy);
github Azure / azure-sdk-for-js / sdk / storage / storage-javascript / azureAdAuth.js View on Github external
);
    return;
  }

  // ONLY AVAILABLE IN NODE.JS RUNTIME
  // DefaultAzureCredential will first look for Azure Active Directory (AAD)
  // client secret credentials in the following environment variables:
  //
  // - AZURE_TENANT_ID: The ID of your AAD tenant
  // - AZURE_CLIENT_ID: The ID of your AAD app registration (client)
  // - AZURE_CLIENT_SECRET: The client secret for your AAD app registration
  //
  // If those environment variables aren't found and your application is deployed
  // to an Azure VM or App Service instance, the managed service identity endpoint
  // will be used as a fallback authentication source.
  const defaultAzureCredential = new DefaultAzureCredential();

  const blobServiceClient = new BlobServiceClient(
    `https://${account}.blob.core.windows.net`,
    defaultAzureCredential
  );

  // Create a container
  const containerName = `newcontainer${new Date().getTime()}`;
  const createContainerResponse = await blobServiceClient
    .getContainerClient(containerName)
    .create();
  console.log(`Created container ${containerName} successfully`, createContainerResponse.requestId);
}
github Azure / azure-sdk-for-js / sdk / keyvault / keyvault-secrets / samples / typescript / helloWorld.ts View on Github external
async function main(): Promise {
  // DefaultAzureCredential expects the following three environment variables:
  // - AZURE_TENANT_ID: The tenant ID in Azure Active Directory
  // - AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
  // - AZURE_CLIENT_SECRET: The client secret for the registered application
  const credential = new DefaultAzureCredential();

  const vaultName = process.env["KEYVAULT_NAME"] || "";
  const url = `https://${vaultName}.vault.azure.net`;

  const client = new SecretClient(url, credential);

  // Create a secret
  const secretName = "MySecretName";
  const result = await client.setSecret(secretName, "MySecretValue");
  console.log("result: ", result);

  // Read the secret we created
  const secret = await client.getSecret(secretName);
  console.log("secret: ", secret);

  // Update the secret with different attributes
github Azure / azure-sdk-for-js / sdk / keyvault / keyvault-certificates / samples / javascript / contacts.js View on Github external
async function main() {
  // If you're using MSI, DefaultAzureCredential should "just work".
  // Otherwise, DefaultAzureCredential expects the following three environment variables:
  // - AZURE_TENANT_ID: The tenant ID in Azure Active Directory
  // - AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
  // - AZURE_CLIENT_SECRET: The client secret for the registered application
  const vaultName = process.env["KEYVAULT_NAME"] || "";
  const url = `https://${vaultName}.vault.azure.net`;
  const credential = new DefaultAzureCredential();

  const client = new CertificateClient(url, credential);

  // Contacts are created independently of the certificates.

  const contacts = [
    {
      email: "a@a.com",
      name: "a",
      phone: "111111111111"
    },
    {
      email: "b@b.com",
      name: "b",
      phone: "222222222222"
    }
github Azure / azure-sdk-for-js / sdk / keyvault / keyvault-keys / samples / javascript / cryptography.js View on Github external
async function main() {
  // DefaultAzureCredential expects the following three environment variables:
  // - AZURE_TENANT_ID: The tenant ID in Azure Active Directory
  // - AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
  // - AZURE_CLIENT_SECRET: The client secret for the registered application
  const credential = new DefaultAzureCredential();

  const vaultName = process.env["KEYVAULT_NAME"] || "";
  const url = `https://${vaultName}.vault.azure.net`;

  // Connection to Azure Key Vault
  const client = new KeyClient(url, credential);

  let keyName = "localWorkKey11241";

  // Connection to Azure Key Vault Cryptography functionality
  let myWorkKey = await client.createKey(keyName, "RSA");

  const cryptoClient = new CryptographyClient(myWorkKey.id, credential);

  // Sign and Verify
  const signatureValue = "MySignature";
github Azure / azure-sdk-for-js / sdk / keyvault / keyvault-certificates / samples / typescript / contacts.ts View on Github external
async function main(): Promise {
  // If you're using MSI, DefaultAzureCredential should "just work".
  // Otherwise, DefaultAzureCredential expects the following three environment variables:
  // - AZURE_TENANT_ID: The tenant ID in Azure Active Directory
  // - AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
  // - AZURE_CLIENT_SECRET: The client secret for the registered application
  const vaultName = process.env["KEYVAULT_NAME"] || "";
  const url = `https://${vaultName}.vault.azure.net`;
  const credential = new DefaultAzureCredential();

  const client = new CertificateClient(url, credential);

  // Contacts are created independently of the certificates.

  const contacts = [
    {
      email: "a@a.com",
      name: "a",
      phone: "111111111111"
    },
    {
      email: "b@b.com",
      name: "b",
      phone: "222222222222"
    }
github Azure / azure-sdk-for-js / sdk / keyvault / keyvault-certificates / samples / typescript / listCertificates.ts View on Github external
async function main(): Promise {
  // If you're using MSI, DefaultAzureCredential should "just work".
  // Otherwise, DefaultAzureCredential expects the following three environment variables:
  // - AZURE_TENANT_ID: The tenant ID in Azure Active Directory
  // - AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
  // - AZURE_CLIENT_SECRET: The client secret for the registered application
  const vaultName = process.env["KEYVAULT_NAME"] || "";
  const url = `https://${vaultName}.vault.azure.net`;
  const credential = new DefaultAzureCredential();

  const client = new CertificateClient(url, credential);

  // Creating two self-signed certificates. They will appear as pending initially.
  await client.beginCreateCertificate("MyCertificate1", {
    issuerName: "Self",
    subject: "cn=MyCert"
  });
  await client.beginCreateCertificate("MyCertificate2", {
    issuerName: "Self",
    subject: "cn=MyCert"
  });

  // Listing all the available certificates in a single call.
  // The certificates we just created are still pending at this point.
  for await (const certificate of client.listPropertiesOfCertificates({ includePending: true })) {

@azure/identity

Provides credential implementations for Azure SDK libraries that can authenticate with Microsoft Entra ID

MIT
Latest version published 1 month ago

Package Health Score

84 / 100
Full package analysis