-
Notifications
You must be signed in to change notification settings - Fork 301
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Logic Apps (Standard) - Managed Identity practical usage in VS Code #346
Comments
@erwinkramer This is by design limitation. Though product group is looking for options - there may be enhancements in future. |
Getting the same error. Are there any alternatives to this or is Managed Itentity still not usable from a local enviornment? |
This is a real limitation that needs to be fixed. The whole point of managed identities is to not need to manage the App Registrations. This is now forcing us back down the path of not using managed identities at all if we want to be able to debug locally. |
I also find this behavior very limiting as testing Logic Apps with Managed Identities locally require code changes. As proposed by @erwinkramer above a nice solution would be that the Http action use DefaultAzureCredential which already 'under the hood' first try EnvironmentCredential followed by ManagedIdentityCredential in sequence. This would then work exactly as an Azure Function with DefaultAzureCredential where you just set AZURE_CLIENT_ID, AZURE_CLIENT_SECRET and AZURE_TENANT_ID in local.settings.json and the same code work both locally and deployed. If backward compatibility would be an issue maybe a new Authentication Type in the Http action could be introduced. |
This issue is stale because it has been open for 30 days with no activity. |
This issue was closed because it has been inactive for 7 days since being marked as stale. |
When in Visual Studio code, and using Managed Identity somewhere in your workflow, for instance, on a HTTP action, the following error will display while debugging:
Will this be supported somehow? This currently means you cannot debug your project when you use a Managed Identity somewhere in a workflow. Not very practical. I guess I understand why it's not working, because I'm not running it inside Azure, but locally.
As an alternative approach: Wouldn't implementing DefaultAzureCredential inside Logic Apps (standard) be a better option? That way you are not dependent on credentials on a specific environment.
Another approach: Able to point to a deployed managed identity, similar as how you point to a resource group for API connections (
WORKFLOWS_RESOURCE_GROUP_NAME
), inside thelocal.settings.json
, so it will try to authenticate with that.The text was updated successfully, but these errors were encountered: