Description
Library name
Azure.Identity
Please describe the feature.
TokenCredentials like ClientCertificateCredential only have constructors which accept a X509Certificate2, when the certificate rotates the only way to update it is to create a new credential and recreate all dependent clients. Azure.Identity should support rotation by exposing IX509Certificate2Provider constructors and X509Certificate2FromObjectProvider with a new method to update the certificate.
These changes would allow consumers to create a X509Certificate2FromObjectProvider with their certificate, create a ClientCertificateCredential with it and then create all their SDK Client. When the certificate rotates they just need to update the certificate in X509Certificate2FromObjectProvider and then all downstream clients continue to work.
I would be happy to pick up this change.
Metadata
Assignees
Labels
Type
Projects
Status
Not Started