1 change: 1 addition & 0 deletions sdk/identity/azure-identity/CHANGELOG.md
@@ -5,6 +5,7 @@
### Features Added

### Breaking Changes
- Renamed `enableAzureTokenProxy()` method in `WorkloadIdentityCredentialBuilder` to `enableAzureProxy()`. These changes only affect code written against beta version 1.19.0-beta.1.

### Bugs Fixed

1 change: 1 addition & 0 deletions sdk/identity/azure-identity/TROUBLESHOOTING.md
@@ -255,6 +255,7 @@ Get-AzAccessToken -ResourceUrl "https://management.core.windows.net"
|---|-------------------------------------------------------------------------------------------------------------------------------|---|
|`CredentialUnavailableException` raised with message. "WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured."| The `WorkloadIdentityCredential` requires `clientId`, `tenantId` and `tokenFilePath` to authenticate with Microsoft Entra ID. | <ul><li>If using `DefaultAzureCredential` then:</li><ul><li>Ensure client ID is specified via `workloadIdentityClientId` setter or `AZURE_CLIENT_ID` env variable.</li><li>Ensure tenant ID is specified via `AZURE_TENANT_ID` env variable.</li><li>Ensure token file path is specified via `AZURE_FEDERATED_TOKEN_FILE` env variable.</li><li>Ensure authority host is specified via `AZURE_AUTHORITY_HOST` env variable.</ul><li>If using `WorkloadIdentityCredential` then:</li><ul><li>Ensure tenant ID is specified via `tenantId` setter on credential builder or `AZURE_TENANT_ID` env variable.</li><li>Ensure client ID is specified via `clientId` setter on the credential builder or `AZURE_CLIENT_ID` env variable.</li><li>Ensure token file path is specified via `tokenFilePath` setter on the credential builder or `AZURE_FEDERATED_TOKEN_FILE` environment variable. </li></ul></li><li>Consult the [product troubleshooting guide](https://azure.github.io/azure-workload-identity/docs/troubleshooting.html) for other issues.</li></ul>
|`CredentialUnavailableException` raised with message. "WorkloadIdentityCredential authentication unavailable. The request to the authority host was invalid."| The configured properties for workload identity are invalid. | Ensure the properties for workload identity are correctly configured on the credential builder and right permissions are assigned to the workload identity.
|In an application using [Azure Kubernetes Service identity bindings](https://learn.microsoft.com/azure/aks/identity-bindings-concepts): <ul><li>AADSTS700211: No matching federated identity record found for presented assertion issuer ...</li><li>AADSTS700212: No matching federated identity record found for presented assertion audience 'api://AKSIdentityBinding'.</li></ul> |`WorkloadIdentityCredential` isn't configured to use the identity binding proxy|Call `WorkloadIdentityCredentialBuilder.enableAzureProxy()` while building the credential.

## Troubleshoot `IntelliJCredential` authentication issues

@@ -50,7 +50,7 @@
public class WorkloadIdentityCredentialBuilder extends AadCredentialBuilderBase<WorkloadIdentityCredentialBuilder> {
private static final ClientLogger LOGGER = new ClientLogger(WorkloadIdentityCredentialBuilder.class);
private String tokenFilePath;
private boolean enableTokenProxy;
private boolean enableAzureProxy;

/**
* Creates an instance of a WorkloadIdentityCredentialBuilder.
@@ -76,10 +76,10 @@ public WorkloadIdentityCredentialBuilder tokenFilePath(String tokenFilePath) {
* environment variables (AZURE_KUBERNETES_TOKEN_PROXY, AZURE_KUBERNETES_CA_FILE,
* AZURE_KUBERNETES_CA_DATA, AZURE_KUBERNETES_SNI_NAME).
*
* @return An updated instance of this builder with Azure token proxy enabled.
* @return An updated instance of this builder with Azure proxy enabled.
*/
public WorkloadIdentityCredentialBuilder enableAzureTokenProxy() {
this.enableTokenProxy = true;
public WorkloadIdentityCredentialBuilder enableAzureProxy() {
this.enableAzureProxy = true;
return this;
}

@@ -105,7 +105,7 @@ public WorkloadIdentityCredential build() {
ValidationUtil.validate(this.getClass().getSimpleName(), LOGGER, "Client ID", clientIdInput, "Tenant ID",
tenantIdInput, "Service Token File Path", federatedTokenFilePathInput);

if (enableTokenProxy) {
if (enableAzureProxy) {
ProxyConfig proxyConfig = CustomTokenProxyConfiguration.parseAndValidate(configuration);
if (proxyConfig != null) {
identityClientOptions.setHttpClient(new CustomTokenProxyHttpClient(proxyConfig));
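Review bot: The new name `enableAzureProxy()` and its `@return` text ("with Azure proxy enabled") read like a generic HTTP-proxy toggle and no longer say what is proxied, which matters because the visible Javadoc lines tie this switch to `AZURE_KUBERNETES_TOKEN_PROXY`, `AZURE_KUBERNETES_CA_FILE`, `AZURE_KUBERNETES_CA_DATA` and `AZURE_KUBERNETES_SNI_NAME`. In `build()` the flag replaces the HTTP client with a `CustomTokenProxyHttpClient` built from that configuration, so enabling it appears to let environment variables select the token endpoint and the CA it is trusted under. I would spell that out, e.g. `@return An updated instance of this builder that sends token requests through the AKS identity binding proxy configured by the AZURE_KUBERNETES_* environment variables.` A log line for the case where `parseAndValidate` returns null would also help, since the flag then seems to have no effect. The Javadoc opening and the rest of `build()` lie outside the hunks, so confirm both against the full file.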
@@ -148,7 +148,7 @@ public void testAksProxyWithCaFile() throws CertificateParsingException {
.tokenFilePath(tokenFilePath.toString())
.configuration(configuration)
.authorityHost(serverBaseUrl)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -177,7 +177,7 @@ public void testAksProxyWithCaFileAsync() {
.tokenFilePath(tokenFilePath.toString())
.configuration(configuration)
.authorityHost(serverBaseUrl)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -206,7 +206,7 @@ public void testAksProxyWithCaData() {
.tokenFilePath(tokenFilePath.toString())
.configuration(configuration)
.authorityHost(serverBaseUrl)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -236,7 +236,7 @@ public void testAksProxyWithInvalidTokenFile() {
.tokenFilePath(nonExistentTokenFile.toString())
.configuration(configuration)
.authorityHost(serverBaseUrl)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -268,7 +268,7 @@ public void testAksProxyWithInvalidCaCertificate() throws Exception {
.tokenFilePath(tokenFilePath.toString())
.configuration(configuration)
.authorityHost(serverBaseUrl)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -298,7 +298,7 @@ public void testAksProxyWithHttpScheme() {
.tokenFilePath(tokenFilePath.toString())
.configuration(configuration)
.authorityHost(httpProxyUrl)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -328,7 +328,7 @@ public void testAksProxyWithMalformedUrl() {
.tokenFilePath(tokenFilePath.toString())
.configuration(configuration)
.authorityHost(malformedUrl)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -357,7 +357,7 @@ public void testAksProxyUnreachable() {
.tokenFilePath(tokenFilePath.toString())
.configuration(configuration)
.authorityHost(unreachableProxyUrl)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -387,7 +387,7 @@ public void testAksProxyWithEmptyTokenFile() throws Exception {
.tokenFilePath(emptyTokenFile.toString())
.configuration(configuration)
.authorityHost(serverBaseUrl)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -417,7 +417,7 @@ public void testAksProxyWithUrlEncodedCharactersInPath() throws Exception {
.tokenFilePath(tokenFilePath.toString())
.configuration(configuration)
.authorityHost(proxyUrlWithEncoding)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -460,7 +460,7 @@ public void testAksProxyWithCaFileButNoSni() throws Exception {
.tokenFilePath(tokenFilePath.toString())
.configuration(configuration)
.authorityHost(serverBaseUrl)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -510,7 +510,7 @@ public void testAksProxyWithMismatchedSniAndCertificate() throws Exception {
.tokenFilePath(tokenFilePath.toString())
.configuration(configuration)
.authorityHost(serverBaseUrl)
.enableAzureTokenProxy()
.enableAzureProxy()
.disableInstanceDiscovery()
.build();

@@ -236,7 +236,7 @@ public void testProxyEnabledWithProxyUrlGetsToken(@TempDir Path tempDir) throws
.clientId(CLIENT_ID)
.tokenFilePath(tokenFile.toString())
.configuration(configuration)
.enableAzureTokenProxy()
.enableAzureProxy()
.build();

StepVerifier.create(credential.getToken(request1))
@@ -270,7 +270,7 @@ public void testProxyEnabledWithoutProxyUrlGetsToken(@TempDir Path tempDir) thro
.clientId(CLIENT_ID)
.tokenFilePath(tokenFile.toString())
.configuration(configuration)
.enableAzureTokenProxy()
.enableAzureProxy()
.build();

StepVerifier.create(credential.getToken(request1))
@@ -297,7 +297,7 @@ public void testProxyEnabledInvalidProxyUrlSchemeFailure(@TempDir Path tempDir)
.clientId(CLIENT_ID)
.tokenFilePath(tokenFile.toString())
.configuration(configuration)
.enableAzureTokenProxy()
.enableAzureProxy()
.build();
});
}
@@ -317,7 +317,7 @@ public void testProxyUrlWithQueryFailure(@TempDir Path tempDir) throws IOExcepti
.clientId(CLIENT_ID)
.tokenFilePath(tokenFile.toString())
.configuration(configuration)
.enableAzureTokenProxy()
.enableAzureProxy()
.build();
});
}
@@ -337,7 +337,7 @@ public void testProxyUrlWithFragmentFailure(@TempDir Path tempDir) throws IOExce
.clientId(CLIENT_ID)
.tokenFilePath(tokenFile.toString())
.configuration(configuration)
.enableAzureTokenProxy()
.enableAzureProxy()
.build();
});
}
@@ -357,7 +357,7 @@ public void testProxyUrlWithUserInfoFailure(@TempDir Path tempDir) throws IOExce
.clientId(CLIENT_ID)
.tokenFilePath(tokenFile.toString())
.configuration(configuration)
.enableAzureTokenProxy()
.enableAzureProxy()
.build();
});
}
@@ -385,7 +385,7 @@ public void testCaFileAndCaDataPresentFailure(@TempDir Path tempDir) throws IOEx
.clientId(CLIENT_ID)
.tokenFilePath(tokenFile.toString())
.configuration(configuration)
.enableAzureTokenProxy()
.enableAzureProxy()
.build();
});
}
@@ -417,7 +417,7 @@ public void testProxyEnabledWithProxyUrlGetsTokenSync(@TempDir Path tempDir) thr
.clientId(CLIENT_ID)
.tokenFilePath(tokenFile.toString())
.configuration(configuration)
.enableAzureTokenProxy()
.enableAzureProxy()
.build();

AccessToken token = credential.getTokenSync(request1);
@@ -453,7 +453,7 @@ public void testProxyUrlWithCaDataAcquiresToken(@TempDir Path tempDir) throws IO
.clientId(CLIENT_ID)
.tokenFilePath(tokenFile.toString())
.configuration(configuration)
.enableAzureTokenProxy()
.enableAzureProxy()
.build();

StepVerifier.create(cred.getToken(request1))
@@ -493,7 +493,7 @@ public void testProxyUrlWithCaFileGetsToken(@TempDir Path tempDir) throws IOExce
.clientId(CLIENT_ID)
.tokenFilePath(tokenFile.toString())
.configuration(configuration)
.enableAzureTokenProxy()
.enableAzureProxy()
.build();

StepVerifier.create(cred.getToken(request1))
@@ -533,7 +533,7 @@ public void testProxyEnabledWithSniNameGetsToken(@TempDir Path tempDir) throws I
.clientId(CLIENT_ID)
.tokenFilePath(tokenFile.toString())
.configuration(configuration)
.enableAzureTokenProxy()
.enableAzureProxy()
.build();

StepVerifier.create(credential.getToken(request1))