Add Federated Identity Credentials support #203
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was referenced Nov 5, 2025
Merged
heyitsaamir
force-pushed
the
aamirj/UMI
branch
from
9aea378 to
718bc09
Compare
heyitsaamir
force-pushed
the
aamirj/fic
branch
3 times, most recently
from
a1b11bb to
b222662
Compare
heyitsaamir
force-pushed
the
aamirj/UMI
branch
from
b7b879b to
e855432
Compare
heyitsaamir
force-pushed
the
aamirj/fic
branch
from
b222662 to
49c8535
Compare
heyitsaamir
force-pushed
the
aamirj/UMI
branch
from
e855432 to
0943c05
Compare
heyitsaamir
force-pushed
the
aamirj/fic
branch
from
49c8535 to
14137e4
Compare
heyitsaamir
force-pushed
the
aamirj/UMI
branch
from
0943c05 to
42eddff
Compare
heyitsaamir
force-pushed
the
aamirj/fic
branch
3 times, most recently
from
58517da to
fb334f0
Compare
rido-min
approved these changes
Nov 6, 2025
lilyydu
reviewed
Nov 6, 2025
heyitsaamir
force-pushed
the
aamirj/UMI
branch
from
c0c20a0 to
10ede46
Compare
heyitsaamir
force-pushed
the
aamirj/fic
branch
from
fb334f0 to
f5aff4f
Compare
heyitsaamir
commented
Nov 7, 2025
heyitsaamir
force-pushed
the
aamirj/fic
branch
from
f5aff4f to
205625f
Compare
lilyydu
approved these changes
Nov 7, 2025
heyitsaamir
added a commit
that referenced
this pull request
Nov 7, 2025
In this PR, we introduce [MSAL](https://learn.microsoft.com/en-us/entra/msal/python/) as a dependency to take care of authentication for us. We replace the use of bot token client with this library. It still uses secrets by default, but uses MSAL to do it. Tested the general flows (regular + graph) #### PR Dependency Tree * **PR #191** 👈 * **PR #192** * **PR #203** This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
heyitsaamir
force-pushed
the
aamirj/UMI
branch
from
cf783ca to
a71a0f0
Compare
heyitsaamir
force-pushed
the
aamirj/fic
branch
from
205625f to
416253f
Compare
heyitsaamir
added a commit
that referenced
this pull request
Nov 7, 2025
Adds native support for User Managed Identity via MSAL. Tested with UMI. It's enabled when CLIENT_ID is set and CLIENT_SECRET is not. | CLIENT_ID | CLIENT_SECRET | MANAGED_IDENTITY_CLIENT_ID | Output | |-|-|-|-| | not_set | | | No-Auth | | set | set | | SecretsAuth | | set | not_set | | User Managed Identity Auth | | set | not_set | set (same as CLIENT_ID) | User Managed Identity Auth | | set | not_set | set (diff from CLIENT_ID) | FIC (user managed identity) | | set | not_set | "system" | FIC (system identity) | #### PR Dependency Tree * **PR #192** 👈 * **PR #203** This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal)
heyitsaamir
force-pushed
the
aamirj/fic
branch
from
416253f to
3c7f2f3
Compare
Merged
heyitsaamir
added a commit
that referenced
this pull request
Nov 10, 2025
- Remove support for 3.14 (#207) - Add Federated Identity Credentials support (#203) - Add User Managed Identity support via MSAL (#192) - Introduce msal (#191) - Populate empty package READMEs with usage examples (#196) - Rename Teams AI to Teams SDK 🎉 (#201) - HTTPPlugin : Add a builder option to provide custom server (enables providing options like ssl etc) (#185) - get type hint of class, not object (#202) - Temporary: skip streaming tests (#200) - Fix workflow
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds support for Federated Identity Credentials.
Federated Identity Credentials has a two step process. It first uses managed identity (UMI or SI) to get an token-assertion. This then is used to build a ConfidentialClient to get the actual token.
PR Dependency Tree
This tree was auto-generated by Charcoal