Azure-Player
Authentication via WorkloadIdentityFederation
Hi Kamil,
I recently implemented the publish tool for a CICD pipeline running in Azure Devops and it was very smooth. Thanks for your hard work!
I have a quick question in regards to authentication methods when implementing through Azure Devops. Currently it seems that only the service principle approach or managed service identity works - I tried setting up a service connection using Workload Identity federation and encountered this error:
Since Azure is now recommending workload identity federation are there any plans to make different authentication approaches viable? My company is trying to move away from managing service principles and having to recycle secrets.
Kind regards!
Error message (for searchability):
##[error]Unsupported authentication scheme 'WorkloadIdentityFederation' for Azure endpoint.
MSFT fixed recently similar issue here (reference): https://github.com/microsoft/azure-pipelines-tasks/issues/18992 PR details: https://github.com/microsoft/azure-pipelines-tasks/pull/19256/commits/50e3e31ca81204c3bb51a2be9cc050a7d13472cc#diff-e7717abe1d4a4bc136d4e37c1e2695fc81b89047c49dfd7adf9b155d9135a2b9
Hi, we are experiencing the same issue. We would love to use the recommended authentication method for it - as a workaround we reverted to a SP auth.
I have clients who would like to use workload identity federation with the Release pipeline task. Is there an ETA on this yet? I tried it today and am still getting the same error as in this thread.
Good news: I finally overcame all obstacles and errors related to the development of this feature. Currently, it's in tests. If you want to have access to Private Preview let me know. It should be deployed in a few days.