Readme and doc updates (incl. Entra ID branding) (dotnet#4047)

* Readme and doc updates (incl. Entra ID branding)

* Include client id

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

* Update CHANGELOG.md

---------

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

Author: cheenamalhotra

.github/copilot-instructions.md

@@ -31,7 +31,7 @@ This project includes several key products and libraries that facilitate SQL Ser
 - **Microsoft.SqlServer.Server**: Supplies APIs for SQL Server-specific features, including user-defined types (UDTs) and SQL Server-specific attributes.
 
 ## 🛠️ Key Features
-- **Connectivity to SQL Server**: Provides robust and secure connections to SQL Server databases, using various authentication methods, such as Windows Authentication, SQL Server Authentication, and Azure Active Directory authentication, e.g. `ActiveDirectoryIntegrated`, `ActiveDirectoryPassword`, `ActiveDirectoryServicePrincipal`,`ActiveDirectoryInteractive`, `ActiveDirectoryDefault`, and `ActiveDirectoryManagedIdentity`.
+- **Connectivity to SQL Server**: Provides robust and secure connections to SQL Server databases, using various authentication methods, such as Windows Authentication, SQL Server Authentication, and Entra ID authentication, e.g. `ActiveDirectoryIntegrated`, `ActiveDirectoryPassword`, `ActiveDirectoryServicePrincipal`,`ActiveDirectoryInteractive`, `ActiveDirectoryDefault`, and `ActiveDirectoryManagedIdentity`.
 - **Connection Resiliency**: Implements connection resiliency features to handle transient faults and network issues, ensuring reliable database connectivity.
 - **TLS Encryption**: Supports secure connections using TLS protocols to encrypt data in transit. Supports TLS 1.2 and higher, ensuring secure communication with SQL Server. Supported encryption modes are: 
   - **Optional**: Encryption is used if available, but not required.

.github/instructions/architecture.instructions.md

@@ -133,7 +133,7 @@ Entry point for database connectivity. Manages:
 - Connection string parsing (via `SqlConnectionStringBuilder`)
 - Connection pooling integration
 - Transaction enlistment (local and distributed)
-- Authentication (SQL, Windows, Azure AD)
+- Authentication (SQL, Windows, Entra ID)
 
 ### SqlCommand
 Executes SQL statements and stored procedures:
@@ -159,7 +159,7 @@ Located in `ConnectionPool/`:
 Located in `SSPI/` and authentication-related files:
 - Windows Authentication (SSPI/Kerberos)
 - SQL Server Authentication
-- Azure Active Directory authentication modes
+- Entra ID authentication modes
 
 ### Always Encrypted
 Column-level encryption implementation:

.github/instructions/documentation.instructions.md

@@ -91,7 +91,7 @@ Working with SQL data types:
 
 ### Security Samples
 Authentication and encryption:
-- Azure AD authentication
+- Entra ID authentication
 - Always Encrypted
 - Azure Key Vault integration
 - SSL/TLS configuration

.github/instructions/external-resources.instructions.md

@@ -17,7 +17,7 @@ When working with Microsoft.Data.SqlClient, reference official documentation for
 | **Connection Pooling** | https://learn.microsoft.com/sql/connect/ado-net/sql-server-connection-pooling |
 | **Data Types** | https://learn.microsoft.com/sql/connect/ado-net/sql/sql-server-data-types |
 | **Always Encrypted** | https://learn.microsoft.com/sql/relational-databases/security/encryption/always-encrypted-database-engine |
-| **Azure AD Auth** | https://learn.microsoft.com/sql/connect/ado-net/sql/azure-active-directory-authentication |
+| **Entra ID Auth** | https://learn.microsoft.com/sql/connect/ado-net/sql/azure-active-directory-authentication |
 
 ### MS-TDS Protocol
 

.github/instructions/features.instructions.md

@@ -24,13 +24,13 @@ This is a comprehensive reference of supported connection string keywords.
 | `Integrated Security` | True/False, SSPI | Windows Authentication |
 | `User ID` | | SQL Server username |
 | `Password` | PWD | SQL Server password |
-| `Authentication` | See below | Azure AD authentication mode |
+| `Authentication` | See below | Entra ID authentication mode |
 | `Attestation Protocol` | None, HGS, AAS | Enclave attestation |
 
 #### Authentication Modes
 - `SqlPassword` - SQL Server authentication
-- `ActiveDirectoryPassword` - Azure AD with password
-- `ActiveDirectoryIntegrated` - Azure AD integrated
+- `ActiveDirectoryPassword` - Entra ID with password
+- `ActiveDirectoryIntegrated` - Entra ID integrated
 - `ActiveDirectoryInteractive` - Interactive browser auth
 - `ActiveDirectoryServicePrincipal` - Service principal
 - `ActiveDirectoryManagedIdentity` - Managed identity

.github/instructions/testing.instructions.md

@@ -34,7 +34,7 @@ src/Microsoft.Data.SqlClient/tests/
 - Full integration tests with SQL Server
 - Require `config.json` setup
 - Test real database operations
-- Include Always Encrypted, Azure AD tests
+- Include Always Encrypted, Entra ID tests
 
 ## Test Configuration
 
@@ -58,7 +58,7 @@ Copy `config.default.json` to `config.json` and configure:
 |----------|-------------|
 | `TCPConnectionString` | Primary TCP connection |
 | `NPConnectionString` | Named Pipes connection |
-| `AADPasswordConnectionString` | Azure AD password auth |
+| `AADPasswordConnectionString` | Entra ID password auth |
 | `AzureKeyVaultURL` | AKV for encryption tests |
 | `EnclaveEnabled` | Enable enclave tests |
 | `FileStreamDirectory` | FileStream test path |
@@ -310,7 +310,7 @@ Common test helper class:
 ```csharp
 DataTestUtility.TCPConnectionString  // Get TCP connection
 DataTestUtility.AreConnStringsSetup  // Check if config exists
-DataTestUtility.IsAADPasswordConnStrSetup  // Check AAD config
+DataTestUtility.IsAADPasswordConnStrSetup  // Check Entra ID config
 ```
 
 ### AssertExtensions

BUILDGUIDE.md

@@ -40,12 +40,12 @@ Manual Tests require the below setup to run:
   |TCPConnectionStringAASSGX | (Optional) Connection String for a TCP enabled SQL Server with a SGX Enclave and using Microsoft Azure Attestation (AAS) attestation protocol configuration. | `Server=tcp:{servername}; Database={Database_Name}; UID={UID}; PWD={PWD}; Attestation Protocol = AAS; Enclave Attestation Url = {AttestationURL};`|
   |EnclaveEnabled | Enables tests requiring an enclave-configured server.|
   |TracingEnabled | Enables EventSource related tests |
-  |AADAuthorityURL | (Optional) Identifies the OAuth2 authority resource for `Server` specified in `AADPasswordConnectionString` | `https://login.windows.net/<tenant>`, where `<tenant>` is the tenant ID of the Azure Active Directory (Azure AD) tenant |
-  |AADPasswordConnectionString | (Optional) Connection String for testing Azure Active Directory Password Authentication. | `Data Source={server.database.windows.net}; Initial Catalog={Azure_DB_Name};Authentication=Active Directory Password; User ID={AAD_User}; Password={AAD_User_Password};`|
+  |AADAuthorityURL | (Optional) Identifies the OAuth2 authority resource for `Server` specified in `AADPasswordConnectionString` | `https://login.windows.net/<tenant>`, where `<tenant>` is the tenant ID of the Entra ID (Azure AD) tenant |
+  |AADPasswordConnectionString | (Optional) Connection String for testing Entra ID Password Authentication. | `Data Source={server.database.windows.net}; Initial Catalog={Azure_DB_Name};Authentication=Active Directory Password; User ID={AAD_User}; Password={AAD_User_Password};`|
   |AADSecurePrincipalId | (Optional) The Application Id of a registered application which has been granted permission to the database defined in the AADPasswordConnectionString. | {Application ID} |
   |AADSecurePrincipalSecret | (Optional) A Secret defined for a registered application which has been granted permission to the database defined in the AADPasswordConnectionString. | {Secret} |
   |AzureKeyVaultURL | (Optional) Azure Key Vault Identifier URL | `https://{keyvaultname}.vault.azure.net/` |
-  |AzureKeyVaultTenantId | (Optional) The Azure Active Directory tenant (directory) Id of the service principal. | _{Tenant ID of Active Directory}_ |
+  |AzureKeyVaultTenantId | (Optional) The Entra ID tenant (directory) Id of the service principal. | _{Tenant ID of Active Directory}_ |
   |SupportsIntegratedSecurity | (Optional) Whether or not the USER running tests has integrated security access to the target SQL Server.| `true` OR `false`|
   |LocalDbAppName | (Optional) If Local Db Testing is supported, this property configures the name of Local DB App instance available in client environment. Empty string value disables Local Db testing. | Name of Local Db App to connect to.|
   |LocalDbSharedInstanceName | (Optional) If LocalDB testing is supported and the instance is shared, this property configures the name of the shared instance of LocalDB to connect to. | Name of shared instance of LocalDB. |

CHANGELOG.md

@@ -19,7 +19,7 @@ Also released as part of this milestone:
 
 ### Changed
 
-- **Breaking:** Removed Azure dependencies from the core package. Azure AD / Entra authentication (`ActiveDirectoryAuthenticationProvider` and related types) has been extracted into a new `Microsoft.Data.SqlClient.Extensions.Azure` package. The core `Microsoft.Data.SqlClient` package no longer depends on `Azure.Core`, `Azure.Identity`, or their transitive dependencies. Applications using Azure AD authentication must now install `Microsoft.Data.SqlClient.Extensions.Azure` separately.
+- **Breaking:** Removed Azure dependencies from the core package. Entra ID authentication (`ActiveDirectoryAuthenticationProvider` and related types) has been extracted into a new `Microsoft.Data.SqlClient.Extensions.Azure` package. The core `Microsoft.Data.SqlClient` package no longer depends on `Azure.Core`, `Azure.Identity`, or their transitive dependencies. Applications using Entra ID authentication must now install `Microsoft.Data.SqlClient.Extensions.Azure` separately.
   ([#1108](https://github.com/dotnet/SqlClient/issues/1108),
    [#3680](https://github.com/dotnet/SqlClient/pull/3680),
    [#3902](https://github.com/dotnet/SqlClient/pull/3902),

doc/apps/AzureAuthentication/EntryPoint.cs

@@ -19,7 +19,7 @@ public static int Main(string[] args)
         {
             Description =
                 "The ADO.NET connection string used to connect to SQL Server. " +
-                "Supports SQL, Azure AD, and integrated authentication modes.",
+                "Supports SQL, Entra ID, and integrated authentication modes.",
             Required = true
         };
 

doc/apps/AzureAuthentication/README.md

@@ -77,7 +77,7 @@ Usage:
 
 Options:
   -c, --connection-string <connection-string> (REQUIRED)  The ADO.NET connection string used to connect to SQL Server.
-                                                          Supports SQL, Azure AD, and integrated authentication modes.
+                                                          Supports SQL, Entra ID, and integrated authentication modes.
   -l, --log-events                                        Enable SqlClient event emission to the console.
   -t, --trace                                             Pauses execution to allow dotnet-trace to be attached.
   -v, --verbose                                           Enable verbose output with detailed error information.
@@ -91,7 +91,7 @@ The app expects a single argument: a full connection string.
 dotnet run -- -c "<connection string>"
 ```
 
-For Azure AD authentication, use an `Authentication` keyword in the connection string. For example:
+For Entra ID authentication, use an `Authentication` keyword in the connection string. For example:
 
 ```bash
 dotnet run -- -c "Server=myserver.database.windows.net;Database=mydb;Authentication=ActiveDirectoryDefault"
@@ -134,7 +134,7 @@ Run with the default (published) package versions, and no `Azure` package:
 dotnet run -- -c "<connection string>"
 ```
 
-If the connection string specifies one of the Azure Active Directory authentication methods,
+If the connection string specifies one of the Entra ID authentication methods,
 `SqlClient` will fail with an error indicating that no authentication provider has been registered.
 This is because the `Azure` package was not referenced, and the app did not provide its own custom
 authentication provider.
@@ -160,6 +160,6 @@ dotnet run -p:SqlClientVersion=7.0.0-preview1 -p:AkvProviderVersion=7.0.0-previe
 ## Prerequisites
 
 - [.NET 10.0 SDK](https://dotnet.microsoft.com/download) and .NET Framework 4.8.1 or later.
-- A SQL Server or Azure SQL instance accessible with Azure AD credentials.
+- A SQL Server or Azure SQL instance accessible with Entra ID credentials.
 - Azure credentials available to `DefaultAzureCredential` (e.g. Azure CLI login, environment
   variables, or managed identity).