Skip to content

DAC: Disable probe and enable retries when ManagedIdentityCredential is selected via env var #43046

New issue
New issue
Open
Feature
#43080
Open
DAC: Disable probe and enable retries when ManagedIdentityCredential is selected via env var#43046
Feature
#43080
Assignees
pvaneck
Labels
Azure.IdentityClientThis issue points to a problem in the data-plane of the library.
Milestone
2025-10
@scottaddie

Description

@scottaddie
scottaddie
opened on Sep 17, 2025

When the environment variable AZURE_TOKEN_CREDENTIALS (or its custom equivalent) is explicitly set to ManagedIdentityCredential, DefaultAzureCredential should:

  • Skip the probe request typically used to detect available credentials.
  • Enable retry logic with exponential backoff for token acquisition attempts.

This behavior aligns with the assumption that the developer has intentionally selected ManagedIdentityCredential, and probing other sources is unnecessary. It also improves resiliency in environments where the managed identity endpoint may be temporarily unavailable.

Expected Behavior:

  • No probe request is issued.
  • Retry logic is applied with exponential backoff.

Actual Behavior:

  • Probe request is still issued.
  • Retry logic may not be applied consistently.

Suggested Fix:
Update DefaultAzureCredential to detect when ManagedIdentityCredential is explicitly selected via environment variable and adjust behavior accordingly. See the .NET PR at Azure/azure-sdk-for-net#52545.

Metadata

Metadata

Assignees

Labels

Azure.IdentityClientThis issue points to a problem in the data-plane of the library.

Type

Feature

Projects

Azure Identity SDK Improvements

Status

Not Started

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions