Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] Support for other auth methods #84

Closed
kenchan0130 opened this issue Jan 18, 2023 · 1 comment · Fixed by #86
Closed

[FEATURE] Support for other auth methods #84

kenchan0130 opened this issue Jan 18, 2023 · 1 comment · Fixed by #86
Assignees
@almenscorner
Labels
enhancement New feature or request ready to ship Feature is ready to be included in new version will include Feature will be included work started Work on this feature has started

Comments

@kenchan0130
Copy link

Is your feature request related to a problem? Please describe.

InutneCD only supports the client credential method (the client secret authentication).
However, for local execution or for more secure secret management, another method is commonly used.

Describe the solution you'd like

I would like to see support for methods other than the client credential method (the client secret authentication).

  • Azure CLI authentication
  • Client certificate authentication
  • MSI authentication
  • GitHub OIDC authentication

Describe alternatives you've considered

N/A

Additional context

The Graph API client used by azuread provider, which manages Azure AD with terraform, supports several auth methods.
https://github.com/manicminer/hamilton/blob/main/auth/auth.go#L23-L43
@kenchan0130 kenchan0130 added the enhancement New feature or request label Jan 18, 2023
@almenscorner
Copy link
Owner

Hi,

I'm currently working on switching ADAL over to MSAL as adal is deprecated. By doing this you will be able to use a certificate to authenticate or interactive mode to sign in with your account when running IntuneCD.

Currently, the MSAL Python module does not support Managed Identities (MSI). See this link for reference: https://msal-python.readthedocs.io/en/latest/#msal.PublicClientApplication.params.azure_region

Would it be enough with these authentication options?:

  • Client Credential
  • Cert
  • Interactive

Managed Identities would be added when support is added to the MSAL module.

@almenscorner almenscorner added work started Work on this feature has started will include Feature will be included labels Jan 18, 2023
@almenscorner almenscorner mentioned this issue Jan 20, 2023
Merged
@almenscorner almenscorner added the ready to ship Feature is ready to be included in new version label Jan 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@almenscorner almenscorner

Labels
enhancement New feature or request ready to ship Feature is ready to be included in new version will include Feature will be included work started Work on this feature has started
Projects
IntuneCD roadmap
Status: Shipped
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

v1.3.2 almenscorner/IntuneCD
2 participants
@kenchan0130 @almenscorner