From fa57654abcd2c00ad83cebdf3d822985a347db6c Mon Sep 17 00:00:00 2001
From: Yefu Wang <yefuwang@microsoft.com>
Date: Wed, 18 Sep 2024 11:16:57 +0800
Subject: [PATCH] Update ManagedIdentityCredential to use UAMI for
 containerapps

---
 app/backend/app.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/app/backend/app.py b/app/backend/app.py
index 9a84b91b1b..dd033d0221 100644
--- a/app/backend/app.py
+++ b/app/backend/app.py
@@ -419,6 +419,7 @@ async def setup_clients():
     AZURE_ENABLE_UNAUTHENTICATED_ACCESS = os.getenv("AZURE_ENABLE_UNAUTHENTICATED_ACCESS", "").lower() == "true"
     AZURE_SERVER_APP_ID = os.getenv("AZURE_SERVER_APP_ID")
     AZURE_SERVER_APP_SECRET = os.getenv("AZURE_SERVER_APP_SECRET")
+    AZURE_CLIENT_ID = os.getenv("AZURE_CLIENT_ID")
     AZURE_CLIENT_APP_ID = os.getenv("AZURE_CLIENT_APP_ID")
     AZURE_AUTH_TENANT_ID = os.getenv("AZURE_AUTH_TENANT_ID", AZURE_TENANT_ID)
 
@@ -449,7 +450,11 @@ async def setup_clients():
     azure_credential: Union[AzureDeveloperCliCredential, ManagedIdentityCredential]
     if RUNNING_ON_AZURE:
         current_app.logger.info("Setting up Azure credential using ManagedIdentityCredential")
-        azure_credential = ManagedIdentityCredential()
+        azure_credential = (
+            ManagedIdentityCredential()
+            if AZURE_CLIENT_ID is None
+            else ManagedIdentityCredential(client_id=AZURE_CLIENT_ID)
+        )
     elif AZURE_TENANT_ID:
         current_app.logger.info(
             "Setting up Azure credential using AzureDeveloperCliCredential with tenant_id %s", AZURE_TENANT_ID