I have a question about managed identity in Azure and it works fine. I would like to test the application locally and I know that I just need to set AZURE_CLIENT_ID, AZURE_TENANT_ID and AZURE_CLIENT_SECRET in the launchsettings. This makes everything work great. But my problem is that there are multiple people working on the project and each has their own application entra id and therefore different settings too.
Of course it is possible to add more profiles, but then the secrets would be shared across the repository and I don't like that very much. Adding launchsettings to git ignore doesn't seem very handy to me either. I've tried using secrets (but somehow I can't create a transform there) - this may just be my fault for setting it up wrong.
I would like to be able to have each user have their own set up, but not share h on across repostiroy
Is there a solution? Or how do you approach this problem? Thanks a lot
You can narrow the problem down to how to configure AZURE_CLIENT_SECRET
locally on developer's machine without committing to git.
The answer is, configure it in user secrets instead launchsettings.json.
A typical sequence of configuration providers is:
- appsettings.json
- appsettings.{Environment}.json
- User secrets
- Environment variables using the Environment Variables configuration provider.
- Command-line arguments using the Command-line configuration provider.
The preceding sequence of providers is used in the default configuration.
if you put the settings to launchsetting.json, they will passed as environment variables, so it overwrites any user secrets.
Instead, add those keys to applicationsettings.json and leave a comment that it should be configured in user secrets.
For example:
{
"AZURE_TENANT_ID": "1b7d6e4a-de27-4867-b238-000000000000",
"AZURE_CLIENT_ID": "2cdac4ac-c9a0-4b11-845c-000000000000",
"AZURE_CLIENT_SECRET": //todo: configure in user secrets
}