[Identity] Update VSCodeCred Behavior + Broker Docs #35837
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-project-automation
bot
moved this to Untriaged
in Azure Identity SDK Improvements
minhanh-phan
requested review from
KarishmaGhiya,
maorleger and
a team
as code owners
minhanh-phan
requested review from
pvaneck,
g2vinay,
scottaddie,
xiangyan99 and
anannya03
There was a problem hiding this comment.
Pull Request Overview
This PR addresses an issue where VisualStudioCodeCredential could trigger interactive authentication prompts when the VS Code plugin is configured but the broker is unavailable. The changes ensure proper error handling and prevent unwanted interactive flows.
Key changes:
- Adds broker availability validation with clear error messages
- Sets
disableAutomaticAuthentication: truefor VS Code credential to prevent interactive prompts - Updates documentation with clearer prerequisites and troubleshooting guidance
Reviewed Changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| sdk/identity/identity/src/msal/nodeFlows/msalPlugins.ts | Adds broker availability checks with descriptive error messages |
| sdk/identity/identity/src/credentials/visualStudioCodeCredential.ts | Sets disableAutomaticAuthentication flag to prevent interactive auth |
| sdk/identity/identity/test/internal/node/visualStudioCodeCredential.spec.ts | Adds test to verify disableAutomaticAuthentication behavior |
| sdk/identity/identity/TROUBLESHOOTING.md | Updates troubleshooting with native dependency errors and platform support |
| sdk/identity/identity/CHANGELOG.md | Documents the bug fix for VS Code credential interactive auth issue |
| sdk/identity/identity-vscode/README.md | Adds prerequisites section with native dependency requirements |
| sdk/identity/identity-broker/README.md | Updates platform support documentation |
scottaddie
reviewed
Sep 5, 2025
Co-authored-by: Scott Addie <[email protected]>
scottaddie
approved these changes
Sep 5, 2025
Co-authored-by: Scott Addie <[email protected]>
maorleger
approved these changes
Sep 5, 2025
| @@ -194,6 +194,18 @@ function generatePluginConfiguration(options: MsalClientOptions): PluginConfigur | |||
| ].join(" "), | |||
| ); | |||
| } | |||
| // There is a scenario where the VSCode plugin is configured but the broker is not available (e.g., missing native dependencies). | |||
| // This check ensures we throw an error and not proceed with an invalid configuration. | |||
| if (vsCodeBrokerInfo.broker.isBrokerAvailable === false) { | |||
There was a problem hiding this comment.
nit: there's a lot of validation scenarios here, consider pulling them out into a separate function to ensures things are configured correctly, just for readbility
chlowell
reviewed
Sep 5, 2025
| @@ -338,6 +338,9 @@ curl 'http://169.254.169.254/metadata/identity/oauth2/token?resource=https://man | |||
| | Error Message | Description | Mitigation | | |||
| | ----------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | |||
| | Visual Studio Code Authentication is not available. | No Visual Studio Code plugin configuration is set or no Azure authentication record information was found in the VS Code configuration. | <ul><li>Ensure the [Azure Resources extension](https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-azureresourcegroups) is properly installed.</li><li>Check that you have signed in through **Azure: Sign In** command. This command opens a browser window and displays a page that allows you to sign in to Azure.</li><li>Install the `@azure/identity-vscode` package with `npm install @azure/identity-vscode` command and set the plugin configuration with `useIdentityPlugin()`</li></ul> | | | |||
| | Cannot open shared object file with `ERR_DLOPEN_FAILED` error code| Native dependencies are not properly installed. | <ul><li>Ensure that you are running in a supported environment. Currently, the `vsCodePlugin` is only supported on Windows and Mac OS.</li><li>Ensure the native dependencies are properly installed. Refer to our README prerequisites section for `@azure/identity-vscode`.</li></ul> | | |||
There was a problem hiding this comment.
Should this be
Suggested change
| | Cannot open shared object file with `ERR_DLOPEN_FAILED` error code| Native dependencies are not properly installed. | <ul><li>Ensure that you are running in a supported environment. Currently, the `vsCodePlugin` is only supported on Windows and Mac OS.</li><li>Ensure the native dependencies are properly installed. Refer to our README prerequisites section for `@azure/identity-vscode`.</li></ul> | | |
| | Cannot open shared object file with `ERR_DLOPEN_FAILED` error code| Native dependencies are not properly installed. | <ul><li>Ensure that you are running in a supported environment. Currently, the `vsCodePlugin` is only supported on Windows.</li><li>Ensure the native dependencies are properly installed. Refer to our README prerequisites section for `@azure/identity-vscode`.</li></ul> | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Packages impacted by this PR
@azure/identity
@azure/identity-vscode
@azure/identity-broker
Describe the problem that is addressed by this PR
There's a scenario in which interactive authentication might show up for
VisualStudioCodeCredentialwhen the plugin is set but the broker is not available. This is because in MSAL implementation, a stub class instance is imported so that static imports won't throw.The PR ensures:
disableAutomaticAuthenticationis set internally forVisualStudioCodeCredentialso no interactive authentication would be requiredWhat are the possible designs available to address the problem? If there are more than one possible design, why was the one in this PR chosen?
Are there test cases added in this PR? (If not, why?)
Provide a list of related PRs (if any)
Command used to generate this PR:**(Applicable only to SDK release request PRs)
Checklists