While this part wasn't discussed during the stream because Microsoft.Data.SqlClient v3 wasn't release yet, it's too good an update to not mention it here.
The official .NET SQL driver, Microsoft.Data.SqlClient, now supports AAD authentication natively, meaning the responsibility of acquiring a token, attaching it to a connection, and dealing with caching renewing isn't ours anymore 🎉!
This means that we can delete a bunch of code (see the diff linked below), and focus on the application's business logic.
To opt in to use AAD authentication, we now have to use the Authentication keyword in our connection string.
The two values that we're most interested in are:
| "Authentication" keyword value | Azure.Identity credential used behind the scenes | Typical scenario |
|---|---|---|
| Active Directory Managed Identity | ManagedIdentityCredential |
When the app is running on Azure |
| Active Directory Default | DefaultAzureCredential |
When running the app locally |
Interesting links on the matter:
- Supported values for the "Authentication" keyword: https://docs.microsoft.com/en-us/sql/connect/ado-net/sql/azure-active-directory-authentication?view=sql-server-ver15#setting-azure-active-directory-authentication.
- A post on my blog describing this solution: https://mderriey.com/2021/07/23/new-easy-way-to-use-aad-auth-with-azure-sql/.
Diff from previous tag: 7.leverage-interceptors-to-use-aad-auth-with-tokens...8-use-native-aad-auth-support-in-microsoft-data-sqlclient