Authenticates Rust apps to Azure using DeveloperToolsCredential, ManagedIdentityCredential, ClientSecretCredential, and other credential types with code examples.
From antigravity-awesome-skillsnpx claudepluginhub sickn33/antigravity-awesome-skills --plugin antigravity-awesome-skillsThis skill uses the workspace's default tool permissions.
Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.
Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.
Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.
Authentication library for Azure SDK clients using Microsoft Entra ID (formerly Azure AD).
cargo add azure_identity
# Service Principal (for production/CI)
AZURE_TENANT_ID=<your-tenant-id>
AZURE_CLIENT_ID=<your-client-id>
AZURE_CLIENT_SECRET=<your-client-secret>
# User-assigned Managed Identity (optional)
AZURE_CLIENT_ID=<managed-identity-client-id>
The recommended credential for local development. Tries developer tools in order (Azure CLI, Azure Developer CLI):
use azure_identity::DeveloperToolsCredential;
use azure_security_keyvault_secrets::SecretClient;
let credential = DeveloperToolsCredential::new(None)?;
let client = SecretClient::new(
"https://my-vault.vault.azure.net/",
credential.clone(),
None,
)?;
| Order | Credential | Environment |
|---|---|---|
| 1 | AzureCliCredential | az login |
| 2 | AzureDeveloperCliCredential | azd auth login |
| Credential | Usage |
|---|---|
DeveloperToolsCredential | Local development - tries CLI tools |
ManagedIdentityCredential | Azure VMs, App Service, Functions, AKS |
WorkloadIdentityCredential | Kubernetes workload identity |
ClientSecretCredential | Service principal with secret |
ClientCertificateCredential | Service principal with certificate |
AzureCliCredential | Direct Azure CLI auth |
AzureDeveloperCliCredential | Direct azd CLI auth |
AzurePipelinesCredential | Azure Pipelines service connection |
ClientAssertionCredential | Custom assertions (federated identity) |
For Azure-hosted resources:
use azure_identity::ManagedIdentityCredential;
// System-assigned managed identity
let credential = ManagedIdentityCredential::new(None)?;
// User-assigned managed identity
let options = ManagedIdentityCredentialOptions {
client_id: Some("<user-assigned-mi-client-id>".into()),
..Default::default()
};
let credential = ManagedIdentityCredential::new(Some(options))?;
For service principal with secret:
use azure_identity::ClientSecretCredential;
let credential = ClientSecretCredential::new(
"<tenant-id>".into(),
"<client-id>".into(),
"<client-secret>".into(),
None,
)?;
DeveloperToolsCredential for local dev — automatically picks up Azure CLIManagedIdentityCredential in production — no secrets to manageArc-wrapped and cheap to clonetokio feature — cargo add azure_identity --features tokio| Resource | Link |
|---|---|
| API Reference | https://docs.rs/azure_identity |
| Source Code | https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/identity/azure_identity |
| crates.io | https://crates.io/crates/azure_identity |
This skill is applicable to execute the workflow or actions described in the overview.