New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] DefaultAzureCredential takes a long time to authenticate #26584
Comments
Thank you for your feedback. Tagging and routing to the team members best able to assist. |
This sounds like a duplicate of #24767 |
Looks like the delay comes from ManagedIdentityCredential, as discussed in the other issue you linked. But this is still a significant delay compared to 1.4.0. Is there any plan to refactor DefaultAzureCredential to reduce the extra time taken by ManagedIdentityCredential? |
Yes - we have been discussing solutions to this problem and may have a preview of the change soon. cc @schaabs |
@christothes is there an update for this issue? Version 1.6.1 still has this problem. |
I have this same issue using Azure.Identity 1.7.0 Average time to get Token 10 seconds. This makes the site startup time painfully slow. The only workaround I know of is to get the token during app startup, otherwise, the token is getting on the first database access. Having a user wait 10 seconds to get a database response is just too much. After the token is gotten, then the speed is as expected. |
@gregoryagu there are multiple credential providers within the var credential = new DefaultAzureCredential(new DefaultAzureCredentialOptions
{
ExcludeManagedIdentityCredential = true
}); |
For me it brings down a standard request from >5 secs down to 4.54 secs BUT compared to SQL authentication which is <1 second, still more than 4x - Will there ever be a solution for this? or any workarounds |
@aliusman I believe investigation/changes to fix this issue are being tracked here: #29471 |
That is very interesting, thanks for sharing, I will have a look |
I have exclude everything I don't need and it still takes a long time. Any alternative solution?
|
@kempcalalo maybe you can try to use the code in the comment #29471 (comment) to see what is taking so long in your specific case. |
Hello @heldersousa-planetpayment See the results of the test below.
This seems to be a bit slow right? And what is really needed for us is the ManagedIdentityCredential Running this diagnostics in Visual Studio 2022 v17.4.4 |
I would recommend excluding ManagedIdentityCredential in the options. This one is usually the critical path due to how it must discover whether or not the MI endpoint is available reliably before moving on to other credential types. var credential = new DefaultAzureCredential(new DefaultAzureCredentialOptions
{
ExcludeManagedIdentityCredential = true
}); |
@christothes But if I do this, then the code will not work with MI credential? This is exactly the only credential option we are using. Our app is deployed in Azure App Services which connects to Azure SQL via MI. Is this slow performance the same if I deploy to App Service? Right now I'm only testing on my local machine but have not tried to deploy it yet to an App Service in Azure. |
@kempcalalo MI should not be an issue while running in App Service. I'm deploying my services in Azure Kubernetes Services (ASK), and the MI authentication is quick (much faster than local dev). |
No - this is only a problem when running outside of Azure in an environment where the MI endpoint is not available. The reason for the delay in local testing is that the |
Hi, we're sending this friendly reminder because we haven't heard back from you in 7 days. We need more information about this issue to help address it. Please be sure to give us your input. If we don't hear back from you within 14 days of this comment the issue will be automatically closed. Thank you! |
Library name and version
Azure.Identity 1.5.0
Describe the bug
Using
DefaultAzureCredential
for authentication takes a very long time in package version 1.5.0.The following code snippet takes ~3.5 seconds to run with Azure.Identity v1.4.0, and ~12.5 seconds with Azure.Identity v1.5.0.
Expected behavior
DefaultAzureCredential should not take >12 seconds to load credentials.
Actual behavior
DefaultAzureCredential takes >12 seconds to load credentials.
Reproduction Steps
Create an ASP .NET Core app with Azure.Identity v1.5.0 dependency. Add the code snippet above and measure the time taken for
GetTokenAsync
to complete.I had VisualStudioCredentials configured for authentication. Directly using VisualStudioCredentials for auth has no delay.
Environment
Tried running on .net3.1, .net5 and .net6 - same behavior.
Running in Visual Studio 2019.
dotnet --info:
.NET SDK (reflecting any global.json):
Version: 6.0.101
Commit: ef49f6213a
Runtime Environment:
OS Name: Windows
OS Version: 10.0.19044
OS Platform: Windows
RID: win10-x64
Base Path: C:\Program Files\dotnet\sdk\6.0.101\
Host (useful for support):
Version: 6.0.1
Commit: 3a25a7f1cc
.NET SDKs installed:
3.0.103 [C:\Program Files\dotnet\sdk]
3.1.416 [C:\Program Files\dotnet\sdk]
5.0.210 [C:\Program Files\dotnet\sdk]
5.0.403 [C:\Program Files\dotnet\sdk]
5.0.404 [C:\Program Files\dotnet\sdk]
6.0.101 [C:\Program Files\dotnet\sdk]
.NET runtimes installed:
Microsoft.AspNetCore.App 3.0.3 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
Microsoft.AspNetCore.App 3.1.22 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
Microsoft.AspNetCore.App 5.0.12 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
Microsoft.AspNetCore.App 5.0.13 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
Microsoft.AspNetCore.App 6.0.1 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
Microsoft.NETCore.App 3.0.3 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.NETCore.App 3.1.22 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.NETCore.App 5.0.12 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.NETCore.App 5.0.13 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.NETCore.App 6.0.1 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.WindowsDesktop.App 3.0.3 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
Microsoft.WindowsDesktop.App 3.1.22 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
Microsoft.WindowsDesktop.App 5.0.12 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
Microsoft.WindowsDesktop.App 5.0.13 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
Microsoft.WindowsDesktop.App 6.0.1 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
The text was updated successfully, but these errors were encountered: