Bemærk
Adgang til denne side kræver godkendelse. Du kan prøve at logge på eller ændre mapper.
Adgang til denne side kræver godkendelse. Du kan prøve at ændre mapper.
This article introduces the Azure Identity Extensions and explains how to implement passwordless authentication to securely connect your Spring Cloud Azure applications to Azure services. By eliminating the need to store credentials in your application code, configuration files, or environment variables, you can both enhance security and streamline configuration.
Core features
Azure Identity Extensions
Azure Identity Extensions is built on top of the Azure Identity library and simplifies the authentication to Microsoft Entra ID and other Azure services. It provides a common template framework for users to obtain a token from Microsoft Entra ID using various credential types, including:
ClientSecretCredentialClientCertificateCredentialManagedIdentityCredentialDefaultAzureCredential
After you acquire the token, it serves as a substitute for a traditional password. The extensions also include the following plugins to facilitate database authentication using Microsoft Entra ID:
AzureMysqlAuthenticationPluginAzurePostgresqlAuthenticationPlugin
Spring Boot Integration
Spring Cloud Azure builds upon Azure Identity Extensions to offer a higher-level, more convenient implementation that lets developers concentrate on business logic rather than on manual authentication setups. The following autoconfigured beans simplify integration:
Implementation guides
Connect to MySQL
Spring Cloud Azure uses the AzureMysqlAuthenticationPlugin to convert a Microsoft Entra token into a MySQL-compatible password. For more information, see Spring Cloud Azure MySQL support and the sample repository.
Connect to PostgreSQL
For PostgreSQL, Spring Cloud Azure uses the AzurePostgresqlAuthenticationPlugin to translate a Microsoft Entra token into a password recognized by PostgreSQL. For more information, see Spring Cloud Azure PostgreSQL support and the sample repository.
Connect to Redis
To enable passwordless authentication for Redis, Spring Cloud Azure uses AzureAuthenticationTemplate to convert a Microsoft Entra token into a valid Redis credential. For more information, see Spring Cloud Azure Redis support and the sample repository.
Connect to Azure Service Bus JMS
For Azure Service Bus JMS, Spring Cloud Azure uses TokenCredentialProviderOptions to transfer a Microsoft Entra token into Azure Service Bus JMS credential. For more information, see Use Azure Service Bus with JMS and the sample repository.