We are using azure-identity java library and the below code to get TokenCredential which is in turn used to access azure resources.
public TokenCredential buildCredential() {
return new ChainedTokenCredentialBuilder()
.addFirst(new WorkloadIdentityCredentialBuilder().build())
.addLast(new AzureCliCredentialBuilder().build())
.build();
}
When we are trying to debug locally we are getting below exception and it stops processing.
IllegalArgumentException: Must provide non-null values for Client ID, Tenant ID, Service Token File Path properties in WorkloadIdentityCredentialBuilder
We have found below solution. Is it possible to implement it using the earlier code without depending on active profiles? Our expectation is that it should continue processing without throwing any exception and use AzureCliCredentialBuilder.
public TokenCredential buildCredential() {
if (activeProfiles != null && activeProfiles.contains("local")) {
return new AzureCliCredentialBuilder().build();
}
return new WorkloadIdentityCredentialBuilder().build();
}
The
IllegalArgumentExceptionerror occurred due to missing required parameters forWorkloadIdentityCredentialBuilder.If you want to ignore errors from
WorkloadIdentityCredentialBuilder, you can catch theCredentialUnavailableExceptionthat it throws and continue with the next credential in the chain, which isAzureCliCredentialBuilderin your case.Here's an updated version of your
buildCredentialmethod that implements this approach:This will try to get a token from
WorkloadIdentityCredentialBuilderfirst, and if it's not available, it will catch theCredentialUnavailableExceptionand try to get a token fromAzureCliCredentialBuilderReference:
Troubleshoot Azure-hosted application authentication - Azure SDK for Java | Microsoft Learn