Because a system-assigned managed identity has no client ID, the app token cache that we use to cache managed identity tokens can fail when a distributed cache is used for two different resources. Because both resources end up with the same cache key, the tokens can be used interchangeably, which is a possible security concern.
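The collision described above, as an added example that is not the library's own code: a simplified model in which the cache key is built from the client ID, tenant and scope, and two resources share one distributed cache. The key layout, the `host_id` discriminator, the `partitioned_key` mitigation and all names and token values are assumptions made for illustration.

```python
import hashlib


class SharedCache:
    """Stand-in for a distributed cache shared by several resources."""

    def __init__(self):
        self._store = {}

    def get(self, key):
        return self._store.get(key)

    def set(self, key, value):
        self._store[key] = value


def weak_key(client_id, tenant, scope, host_id):
    # Assumed key layout: identity is the client ID only. A system-assigned
    # identity has none, so every resource produces the same key.
    return "|".join([client_id or "", tenant, scope])


def partitioned_key(client_id, tenant, scope, host_id):
    # Hypothetical mitigation: with no client ID, partition the key by a
    # per-resource discriminator (host_id is an assumed, stable resource id).
    digest = hashlib.sha256(host_id.encode()).hexdigest()[:16]
    ident = client_id or "system_assigned:" + digest
    return "|".join([ident, tenant, scope])


def acquire_token(cache, key_fn, host_id, client_id=None,
                  tenant="managed_identity",
                  scope="https://vault.example/.default"):
    """Return a cached token if the key hits, else 'issue' and cache one."""
    key = key_fn(client_id, tenant, scope, host_id)
    token = cache.get(key)
    if token is None:
        token = "token-issued-to-" + host_id  # constructed placeholder token
        cache.set(key, token)
    return token


def demo(key_fn):
    """Two resources with system-assigned identities share one cache."""
    cache = SharedCache()
    first = acquire_token(cache, key_fn, "resource-A")
    second = acquire_token(cache, key_fn, "resource-B")
    return first, second


if __name__ == "__main__":
    print("weak key:       ", demo(weak_key))
    print("partitioned key:", demo(partitioned_key))
```

With `weak_key`, the second resource is handed the token that was issued to the first; with the partitioned key, each resource only ever reads its own entry.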