Decision log of Identity#47466
Draft
JennyPng wants to merge 1 commit into
Draft
Conversation
github-project-automation
Bot
moved this to Untriaged
in Azure Identity SDK Improvements
pvaneck
reviewed
Jun 12, 2026
pvaneck
left a comment
pvaneck
left a comment
Member
There was a problem hiding this comment.
Overall, looks pretty good. Left some comments.
Comment on lines
+284
to
+294
| ### `additionally_allowed_tenants` allowlist — defending against the confused-deputy risk | ||
| PR [#26133](https://github.com/Azure/azure-sdk-for-python/pull/26133) (2022-09) | ||
|
|
||
| Once per-request `tenant_id` was honored unconditionally, a malicious/compromised service | ||
| could return a challenge steering token acquisition to an attacker-controlled tenant. The fix | ||
| (`_internal/utils.py: resolve_tenant`) refuses any tenant not in `additionally_allowed_tenants` | ||
| (or `*`). A carve-out: credentials whose `default_tenant` is `"organizations"` (inherently | ||
| multi-tenant dev tools like `AzureCliCredential`) allow any tenant when no allowlist is set, | ||
| so developers using the CLI across subscriptions aren't broken. This is a **breaking | ||
| behavioral change** documented in [`BREAKING_CHANGES.md`](BREAKING_CHANGES.md) (1.11.0); the | ||
| rationale is at <https://aka.ms/azsdk/blog/multi-tenant-guidance>. |
Member
There was a problem hiding this comment.
I would say the main intention of this change was to constrain multi-tenant authentication by default so that if a credential was configured for one tenant when constructed, then token requests for another tenant would raise an error unless explicitly allowed.
| extensions). In that package, `allow_broker` defaults to `True` because installing the package | ||
| *is* the opt-in. | ||
|
|
||
| ### `WorkloadIdentityCredential` and the `FailedDACCredential` placeholder |
Member
There was a problem hiding this comment.
FailedDACCredential was introduced in 2025, so timeline is off here: #42346
|
|
||
| ## Recurring patterns worth internalizing | ||
|
|
||
| - **MSAL is the source of truth.** Local workarounds for MSAL gaps are deliberate, time-boxed |
Member
There was a problem hiding this comment.
Source of truth for most sync-credentials. Async credentials don't use MSAL underneath since MSAL does not have an async API. They only use MSAL's token cache.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
asked Copilot to analyze git history, PR descriptions, etc. to document a historical timeline of (non-obvious) decisions made when developing Identity
experiment to see if this is useful context to have in the repo for agents. would require automated agentic workflows to maintain
Prompt: