Adds login through federated identity for Azure DevOps. Closes #6649 #6670

martinlingstuyl (Contributor) commented Apr 3, 2025

Closes #6649

Adds login through federated identity for Azure DevOps.

The issue description contains how the setup works.

To test what's in this PR you can use my personal published CLI package:

```yaml
- task: Npm@1
  inputs:
    command: 'custom'
    customCommand: 'install @martinlingstuyl/cli-microsoft365@next -g'
```

You also need to create an Entra ID application with a federated credential. Check out the issue specs to know what to add there in terms of subject and issuer.

Make sure to also test the GitHub setup (Check out the GitHub PR #6611), as I've refactored the code for federated credentials to use a single setup for both CI/CD platforms.

Adam-it self-assigned this Apr 18, 2025
martinlingstuyl requested a review from Copilot April 24, 2025 19:04

Copilot AI left a comment

Pull Request Overview

This PR adds support for login via federated identity for Azure DevOps, while unifying the federated identity flow for both GitHub Actions and Azure DevOps.

  • Updated the refined schema in the login command to recognize the new "federatedIdentity" auth type.
  • Enhanced Auth.ts to retrieve and use federated tokens from both GitHub Actions and Azure DevOps, including support for service connections.
  • Extended Auth.spec.ts with tests covering various scenarios for federated identity flows.

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

| File | Description |
| --- | --- |
| src/m365/commands/login.ts | Updated options refinement to include federatedIdentity authentication type. |
| src/Auth.ts | Added logic to handle federated identity flows for Azure DevOps, including service connection handling and token retrieval. |
| src/Auth.spec.ts | New test cases covering Azure DevOps federated identity scenarios with and without service connections. |

martinlingstuyl force-pushed the martinlingstuyl/feature/federatedcredentials-devops branch from b6220f5 to 6b005a7 April 24, 2025 19:51

Adam-it (Member) left a comment

@martinlingstuyl awesome work 👏👏👏👏👏👏👏
Works like a charm unless you do not debug 😜
Leaving a comment as agreed over internal chat
let me know when it's ready for a recheck

Adam-it marked this pull request as draft April 24, 2025 21:52
martinlingstuyl marked this pull request as ready for review April 25, 2025 09:25

martinlingstuyl (Contributor, Author) commented

Ok, I updated it and published a new beta package on martinlingstuyl.

Please do not forget to check if it also works without a service connection. And if GitHub also still works :-)

Adam-it (Member) left a comment

Awesome work 👏👏👏👏👏
checked locally
GH: [image]
AZDO: [image]

Adam-it (Member) commented May 11, 2025

Ready to merge 🚀

martinlingstuyl (Contributor, Author) commented

Nice!!

Adam-it (Member) commented May 11, 2025

Merged manually.
Awesome work 👏
You Rock 🤩
You should seriously present this on one of the PnP Community Calls!!!! 🚀

Adam-it closed this May 11, 2025