Skip to content

Custom SqlClientAuthenticationProvider being overwritten by default one #3618

New issue
New issue
Closed
Bug
#3620
Closed
Custom SqlClientAuthenticationProvider being overwritten by default one#3618
Bug
#3620
Assignees
cheenamalhotra
Labels
Regression 💥Issues that are regressions introduced from earlier PRs.
@Charles-Gagnon

Description

@Charles-Gagnon
Charles-Gagnon
opened on Sep 13, 2025

Describe the bug

When a custom provider is registered in MDS 5.2+ it will be overwritten by the default provider. This is from the verbose logs for our app :

2025-09-13T16:33:21.7520936Z [78]: <sc|SqlAuthenticationProviderManager|SetProvider|Error>Failed to add provider Microsoft.Data.SqlClient.ActiveDirectoryAuthenticationProvider because a user-defined provider with type Microsoft.SqlServer.Management.UI.AadInteractiveAuthProvider.AadAuthenticationProvider already existed for authentication ActiveDirectoryInteractive.
2025-09-13T16:33:21.7531099Z [78]: <sc|ActiveDirectoryAuthenticationProvider|BeforeLoad|Info>being loaded into SqlAuthProviders for ActiveDirectoryInteractive.
2025-09-13T16:33:21.7531099Z [78]: <sc|SqlAuthenticationProviderManager|SetProvider|Info>Added auth provider Microsoft.Data.SqlClient.ActiveDirectoryAuthenticationProvider, overriding existed provider Microsoft.SqlServer.Management.UI.AadInteractiveAuthProvider.AadAuthenticationProvider for authentication ActiveDirectoryInteractive.

To reproduce

  1. Create and register a custom auth provider as documented here https://learn.microsoft.com/en-us/sql/connect/ado-net/sql/azure-active-directory-authentication?view=sql-server-ver17#support-for-a-custom-sql-authentication-provider
  2. Start up the application

Expected behavior

The custom auth provider is registered and called when Entra ID tokens are needed for authentication.

Further technical details

N/A

Additional context

This appears to have been introduced in https://github.com/dotnet/SqlClient/pull/1949/files#diff-d95a8fbf13f839abdfbc99fa02b0b3c2170eb8ddcb8747c729842f52854e56baL172

FYI @Wraith2

Previously, the method would return if a matching provider was already registered. But after the change the break just causes it to exit the loop, but then continue on to the following code which registers the default provider.

This was first introduced in MDS 5.2, but still seems to be an issue in 6.0 (I haven't verified this yet though except by looking at the code)

https://github.com/dotnet/SqlClient/blob/main/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SqlAuthenticationProviderManager.cs#L189

Metadata

Metadata

Assignees

Labels

Regression 💥Issues that are regressions introduced from earlier PRs.

Type

Bug

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions