
Azure Go SDK - Guide for Multi Tenant Authentication


I am new to Azure and I am trying to implement multi-tenant authentication using their Go SDK, but I can't find anything similar in the SDK or the Go SDK docs.

I came across this article, Guidance for multi-tenant applications using the Azure Identity libraries, which mentions how to implement it via the language SDKs, but it does not contain any examples for Golang.

What I'm trying to do is something similar to how it's being done in .NET in this code snippet:

var credential = new DefaultAzureCredential(new DefaultAzureCredentialOptions
{
    AdditionallyAllowedTenants = { "<tenant_id_1>", "<tenant_id_2>" }
});

Has anyone tried implementing this via the Azure Go SDK and found success?


Solution

  • This is finally available in the Azure Go SDK. Below is an example code snippet showing how to achieve this.

    package main

    import (
        "log"

        "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm"
        "github.com/Azure/azure-sdk-for-go/sdk/azidentity"
        "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armsubscriptions"
    )

    func main() {
        // Placeholders: the app's home tenant, client ID and client secret.
        tenantID, clientID, secret := "<home-tenant-id>", "<client-id>", "<client-secret>"
        auxTenants := []string{"azure-tenant-id-1", "azure-tenant-id-2"}

        cred, err := azidentity.NewClientSecretCredential(tenantID, clientID, secret,
            // AdditionallyAllowedTenants prevents the credential from trying
            // to authenticate in an unexpected tenant. All credential types
            // capable of multitenant auth have this option.
            &azidentity.ClientSecretCredentialOptions{AdditionallyAllowedTenants: auxTenants},
        )
        if err != nil {
            log.Fatal(err)
        }

        // armsubscriptions is just an example, all ARM clients have this
        // same options API
        client, err := armsubscriptions.NewClient(cred,
            // client will add a token for each of these tenants to every
            // request.
            &arm.ClientOptions{AuxiliaryTenants: auxTenants},
        )
        if err != nil {
            log.Fatal(err)
        }
        _ = client // use the client here, e.g. to list subscriptions
    }
    

    Unfortunately, this feature was not present in the Azure Go SDK at the time of asking this question.

    Later on, I opened a GitHub issue for the same, where I was presented with a custom workaround until the actual feature got shipped in the beta release of the Go SDK.

    GitHub issue reference - https://github.com/Azure/azure-sdk-for-go/issues/19726
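
An added example, not part of the original answer or of the Azure SDK: a pre-flight check for the tenant list before it is passed to `AdditionallyAllowedTenants` and `AuxiliaryTenants`. The helper name `ValidateAuxTenants` is hypothetical, the GUID-only rule is an assumed policy (pinning tenants by ID rather than domain name), and the sample IDs are constructed; the limit of three reflects the maximum number of auxiliary tokens Azure Resource Manager accepts per request.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// ARM accepts at most three auxiliary tokens on a single request.
const maxAuxTenants = 3

var guidRE = regexp.MustCompile(`^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$`)

// ValidateAuxTenants (hypothetical helper) normalizes a tenant list and rejects
// entries that would widen the credential's allow-list beyond what was intended.
func ValidateAuxTenants(homeTenant string, aux []string) ([]string, error) {
	seen := map[string]bool{strings.ToLower(strings.TrimSpace(homeTenant)): true}
	out := make([]string, 0, len(aux))
	for _, t := range aux {
		t = strings.ToLower(strings.TrimSpace(t))
		switch {
		case t == "*":
			// "*" in AdditionallyAllowedTenants permits tokens for any tenant.
			return nil, errors.New(`wildcard "*" is not allowed`)
		case !guidRE.MatchString(t):
			return nil, fmt.Errorf("tenant %q is not a GUID", t)
		case seen[t]:
			continue // skip duplicates and the home tenant itself
		}
		seen[t] = true
		out = append(out, t)
	}
	if len(out) > maxAuxTenants {
		return nil, fmt.Errorf("%d auxiliary tenants given, at most %d allowed", len(out), maxAuxTenants)
	}
	return out, nil
}

func main() {
	// Constructed sample IDs, not real tenants.
	home := "11111111-1111-1111-1111-111111111111"
	aux := []string{"aaaaaaaa-2222-2222-2222-222222222222", " AAAAAAAA-2222-2222-2222-222222222222", home}
	fmt.Println(ValidateAuxTenants(home, aux))
	fmt.Println(ValidateAuxTenants(home, []string{"*"}))
}
```

Pass the returned slice to both options so the credential's allow-list and the client's auxiliary tenant list cannot drift apart.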