Workload Identity Federation Preview #884
Replies: 1 comment 5 replies
-
This is HUGE and works perfectly for tasks which invoke the service connection directly. For one of my use cases, however, I'm running # azure-pipelines.yml
- task: Bash@3
displayName: Deploy solutions
inputs:
filePath: 'deploySolutions.sh'
env:
url: $(PP_ENV_URL)
envName: $(PP_ENV_NAME)
applicationId: $(CLIENT_ID)
tenant: $(TENANT)
PAC_ADO_ID_TOKEN_REQUEST_TOKEN: $(PAC_ADO_ID_TOKEN_REQUEST_TOKEN)
PAC_ADO_ID_TOKEN_REQUEST_URL: $(PAC_ADO_ID_TOKEN_REQUEST_URL) # deploySolutions.sh
pac auth create --url $url --name $envName --applicationId $applicationId --tenant $tenant --azureDevOpsFederated What am I missing? |
Beta Was this translation helpful? Give feedback.
-
With the release of Power Platform Build Tools v2.0.69 and its underlying PAC v1.32.6, Service Principals can now authenticate with OpenID Connect (OIDC), federated with Azure DevOps . This enables the removal of Service Connections with Client Secrets.
To use this new option:
Add Federated Credentials to the App Registration
https://vstoken.dev.azure.com/[AzureDevOpsOrganizationID]
sc://[AzureDevOpsOrganizationName]/[AzureDevOpsProjectName]/[AzureDevOpsServiceConnectionName]
Beta Was this translation helpful? Give feedback.
All reactions