FrancoStino/azure-identity-rust
bundled-skills/azure-identity-rust/SKILL.md
Azure Identity SDK for Rust authentication. Use for DeveloperToolsCredential, ManagedIdentityCredential, ClientSecretCredential, and token-based authentication.
$ install --global
skillsauthnpx skillsauth add FrancoStino/opencode-skills-antigravity azure-identity-rustInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
4 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
4
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 27, 2026, 2:51 PM1.7s1 file scanned
SKILL.md
- name:
- azure-identity-rust
- description:
- Azure Identity SDK for Rust authentication. Use for DeveloperToolsCredential, ManagedIdentityCredential, ClientSecretCredential, and token-based authentication.
- risk:
- unknown
- source:
- community
- date_added:
- 2026-02-27
Azure Identity SDK for Rust
Authentication library for Azure SDK clients using Microsoft Entra ID (formerly Azure AD).
Installation
cargo add azure_identity
Environment Variables
# Service Principal (for production/CI)
AZURE_TENANT_ID=<your-tenant-id>
AZURE_CLIENT_ID=<your-client-id>
AZURE_CLIENT_SECRET=<your-client-secret>
# User-assigned Managed Identity (optional)
AZURE_CLIENT_ID=<managed-identity-client-id>
DeveloperToolsCredential
The recommended credential for local development. Tries developer tools in order (Azure CLI, Azure Developer CLI):
use azure_identity::DeveloperToolsCredential;
use azure_security_keyvault_secrets::SecretClient;
let credential = DeveloperToolsCredential::new(None)?;
let client = SecretClient::new(
"https://my-vault.vault.azure.net/",
credential.clone(),
None,
)?;
Credential Chain Order
| Order | Credential | Environment |
|-------|-----------|-------------|
| 1 | AzureCliCredential | az login |
| 2 | AzureDeveloperCliCredential | azd auth login |
Credential Types
| Credential | Usage |
|------------|-------|
| DeveloperToolsCredential | Local development - tries CLI tools |
| ManagedIdentityCredential | Azure VMs, App Service, Functions, AKS |
| WorkloadIdentityCredential | Kubernetes workload identity |
| ClientSecretCredential | Service principal with secret |
| ClientCertificateCredential | Service principal with certificate |
| AzureCliCredential | Direct Azure CLI auth |
| AzureDeveloperCliCredential | Direct azd CLI auth |
| AzurePipelinesCredential | Azure Pipelines service connection |
| ClientAssertionCredential | Custom assertions (federated identity) |
ManagedIdentityCredential
For Azure-hosted resources:
use azure_identity::ManagedIdentityCredential;
// System-assigned managed identity
let credential = ManagedIdentityCredential::new(None)?;
// User-assigned managed identity
let options = ManagedIdentityCredentialOptions {
client_id: Some("<user-assigned-mi-client-id>".into()),
..Default::default()
};
let credential = ManagedIdentityCredential::new(Some(options))?;
ClientSecretCredential
For service principal with secret:
use azure_identity::ClientSecretCredential;
let credential = ClientSecretCredential::new(
"<tenant-id>".into(),
"<client-id>".into(),
"<client-secret>".into(),
None,
)?;
Best Practices
- Use
DeveloperToolsCredentialfor local dev — automatically picks up Azure CLI - Use
ManagedIdentityCredentialin production — no secrets to manage - Clone credentials — credentials are
Arc-wrapped and cheap to clone - Reuse credential instances — same credential can be used with multiple clients
- Use
tokiofeature —cargo add azure_identity --features tokio
Reference Links
| Resource | Link | |----------|------| | API Reference | https://docs.rs/azure_identity | | Source Code | https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/identity/azure_identity | | crates.io | https://crates.io/crates/azure_identity |
When to Use
This skill is applicable to execute the workflow or actions described in the overview.
Limitations
- Use this skill only when the task clearly matches the scope described above.
- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.
- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.
Related Skills
FrancoStino/youtube-full
development
VerifiedTrustedCommunity
Fetch YouTube transcripts, search videos, browse channels, and extract playlists via TranscriptAPI — no yt-dlp, no Google API key, works from any cloud server.
31SKILL.mdUpdated Jun 5, 2026
FrancoStino/yield-intelligence
development
VerifiedTrustedCommunity
Passive income portfolio analysis — activate when user asks about dividend yields, Treasury rates, REIT income, monthly passive income goals, or portfolio yield optimization. Scans 4 asset classes, ranks by risk-adjusted return, and builds allocations targeting a specific monthly income.
31SKILL.mdUpdated Jun 5, 2026
FrancoStino/vibecode-production-qa-validator
devops
VerifiedTrustedCommunity
End-to-end production QA, build verification, and launch-readiness checklist for fullstack Next.js apps. Covers TypeScript, linting, tests, build, SEO tags, route regression, and sitemap validation.
31SKILL.mdUpdated Jun 5, 2026
FrancoStino/vibe-code-cleanup
development
VerifiedTrustedCommunity
Safe production cleanup and hardening for vibe-coded fullstack apps (Next.js, React, Node.js, etc.). Removes dead imports, unused files, and broken references without breaking routes or APIs.
31SKILL.mdUpdated Jun 5, 2026