Skip to content

DAC: Disable probe and enable retries when ManagedIdentityCredential is selected via env var #35971

New issue
New issue
Closed
Feature
#36047
Closed
DAC: Disable probe and enable retries when ManagedIdentityCredential is selected via env var#35971
Feature
#36047
Assignees
minhanh-phan
Labels
Azure.IdentityClientThis issue points to a problem in the data-plane of the library.
Milestone
2025-10
@scottaddie

Description

@scottaddie
scottaddie
opened on Sep 17, 2025

When the environment variable AZURE_TOKEN_CREDENTIALS (or its custom equivalent) is explicitly set to ManagedIdentityCredential, DefaultAzureCredential should:

  • Skip the probe request typically used to detect available credentials.
  • Enable retry logic with exponential backoff for token acquisition attempts.

This behavior aligns with the assumption that the developer has intentionally selected ManagedIdentityCredential, and probing other sources is unnecessary. It also improves resiliency in environments where the managed identity endpoint may be temporarily unavailable.

Expected Behavior:

  • No probe request is issued.
  • Retry logic is applied with exponential backoff.

Actual Behavior:

  • Probe request is still issued.
  • Retry logic may not be applied consistently.

Suggested Fix:
Update DefaultAzureCredential to detect when ManagedIdentityCredential is explicitly selected via environment variable and adjust behavior accordingly. See the .NET PR at Azure/azure-sdk-for-net#52545.

Metadata

Metadata

Assignees

Labels

Azure.IdentityClientThis issue points to a problem in the data-plane of the library.

Type

Feature

Projects

Azure Identity SDK Improvements

Status

Done

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions