Quick background, I’m 100% new to local Azure development and I’ve been brought into an existing project. I have tried to read through MS documentation on this topic, and I have a high-level understanding of Azure authentication, but I don’t know how to solve this problem after extensive research.
My problem is that when I downloaded the source project, my manager walked me through the setup process within Visual Studio so that I can locally build and run the project. One of the first steps was to go to the Developer PowerShell in Visual Studio and run `az login`, to log in locally to MS Azure. I did this, and since my account has multiple tenants (a personal one, and one delegated to me by my client) the process returned a list of tenant details, rather than just a single tenant login.
When we ran the application locally on my machine, the application encountered an exception with this code:
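```csharp
using Azure.Identity;

// No tenant is specified, so the credential chain picks one on its own.
builder.Configuration.AddAzureKeyVault(
    new Uri("REDACTED"),
    new DefaultAzureCredential());
```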
We discovered that since I had two authenticated tenants, the `DefaultAzureCredential()` object was selecting the wrong tenant of the two that were received from the login process, which are cached somewhere on my dev machine.
What we need to do is modify the code above to specify the specific tenant associated with this project. When I logged in with the `az login` command manually, I could see that it outputted JSON details to console as a collection of tenant details. From within those details, I could tell which tenant I need to use within the project based off of its respective `name` property. However, I cannot figure out how to obtain this local tenant list and search for the proper tenant by `name` so that I can get its respective `tenantId` for the application.
How can I access and search these cached details in my C# code?
For context, this is a Web API project and the Azure authentication setup is being called on start-up in `Program.cs`. I’m not sure if that matters or not, but that’s how the application is set up. Also, to be clear, whatever changes are made need to work for local development, but for deployment to production as well.
2 Answers
You can use `DefaultAzureCredential(DefaultAzureCredentialOptions)` constructor override and specify tenant id in `DefaultAzureCredentialOptions`. So your code would be something like:

I understand from your post that you used `az login` to log in to your account but you have multiple tenants linked to that account which are outputted after you execute that command.

If that’s true and you wanna select one to be used as default credential source you could use the next command in your CLI
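
An added example, not code from the question or from either answer: it pins the tenant through `DefaultAzureCredentialOptions.TenantId`, the approach the first answer names, and reads the tenant ID from configuration so that `Program.cs` stays the same for local development and production. The configuration keys `KeyVault:Uri` and `KeyVault:TenantId` are assumptions chosen for this example, as is the choice to accept only the GUID form of the tenant ID.

```csharp
using Azure.Identity;
using Microsoft.Extensions.Configuration;

var builder = WebApplication.CreateBuilder(args);

// Assumed configuration keys (not from the original post):
//   KeyVault:Uri       - vault address, e.g. in appsettings.json
//   KeyVault:TenantId  - tenant GUID, e.g. in appsettings.Development.json or user secrets
string vaultUri = builder.Configuration["KeyVault:Uri"]
    ?? throw new InvalidOperationException("KeyVault:Uri is not configured.");
string? tenantId = builder.Configuration["KeyVault:TenantId"];

// Fail closed on developer machines: an account signed in to several tenants
// must not let the credential chain choose a tenant on its own.
if (builder.Environment.IsDevelopment() && string.IsNullOrWhiteSpace(tenantId))
{
    throw new InvalidOperationException(
        "KeyVault:TenantId must be set for local development.");
}

var credentialOptions = new DefaultAzureCredentialOptions();
if (!string.IsNullOrWhiteSpace(tenantId))
{
    // This example accepts only the GUID form, so a typo or a display name
    // is rejected at start-up instead of producing a confusing auth failure.
    if (!Guid.TryParse(tenantId, out _))
    {
        throw new InvalidOperationException(
            "KeyVault:TenantId must be a tenant GUID.");
    }
    credentialOptions.TenantId = tenantId;
}

// When KeyVault:TenantId is unset outside Development, the options stay at
// their defaults and this behaves like the original new DefaultAzureCredential().
builder.Configuration.AddAzureKeyVault(
    new Uri(vaultUri),
    new DefaultAzureCredential(credentialOptions));

var app = builder.Build();
app.Run();
```

The tenant GUID is the `tenantId` value that `az login` prints next to the matching `name`; it is copied into configuration once rather than looked up from the CLI cache at run time.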