1

I am trying to connect to cosmos db table api using Managed Identity. According to the documentation here, cosmos db supports Managed Identity. I couldn't find any documentation that says anything specific about table api. I am using .Net standark SDK but it doesn't seem to have support for Managed Identity.

Is it possible to use Managed Identity with Cosmos Db table api?

If yes, What should I do to use Managed Identity for CosmosDb table api?

Thanks.

Sajeetharan
  • 216,225
  • 63
  • 350
  • 396
Sankar Mantripragada
  • 134
  • 11

2 Answers2

1

Currently Managed Identity with CosmosDB dataplane works only for SQL API.

Is it possible to use Managed Identity with Cosmos Db table api?

enter image description here

No

Sajeetharan
  • 216,225
  • 63
  • 350
  • 396
0

I would do the following:

  1. Ensure you're on the latest version of the Microsoft.Azure.Cosmos package
  2. Ensure that you're using Azure.Identity (MSAL) as opposed to Microsoft.Azure.Services.AppAuthentication (ADAL, which is deprecated)
  3. Ensure that you've enabled managed identity for your app
  4. Ensure that you've created a role assignment for that managed identity's object/application ID in your Cosmos database (either read only or read/write)
  5. Get a CosmosClient with something similar to var cosmosClient = new CosmosClient('yourCosmosClientDBUrl', new DefaultAzureCredential());

DefaultAzureCredential is the Azure.Identity way of getting your access token to a service - it tries to look for authentication info in the following order:

  1. Environment variables
  2. Managed identity injected into the environment
  3. Shared token cache credential
  4. Visual Studio credential
  5. Visual Studio Code credential
  6. AZ CLI credential
  7. Powershell Az credential
  8. Interactive credential (popup browser window)
WaitingForGuacamole
  • 3,744
  • 1
  • 8
  • 22