globallayer/azure-identity-rust
skills/azure-identity-rust/SKILL.md
Azure Identity SDK for Rust authentication. Use for DeveloperToolsCredential, ManagedIdentityCredential, ClientSecretCredential, and token-based authentication.
tools
Updated May 17, 2026
$ install --global
skillsauthnpx skillsauth add globallayer/claude-code-skills azure-identity-rustInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 17, 2026, 2:19 AM202.4s1 file scanned
SKILL.md
- name:
- azure-identity-rust
- description:
- Azure Identity SDK for Rust authentication. Use for DeveloperToolsCredential, ManagedIdentityCredential, ClientSecretCredential, and token-based authentication.
- risk:
- unknown
- source:
- community
- date_added:
- 2026-02-27
Azure Identity SDK for Rust
Authentication library for Azure SDK clients using Microsoft Entra ID (formerly Azure AD).
Installation
cargo add azure_identity
Environment Variables
# Service Principal (for production/CI)
AZURE_TENANT_ID=<your-tenant-id>
AZURE_CLIENT_ID=<your-client-id>
AZURE_CLIENT_SECRET=<your-client-secret>
# User-assigned Managed Identity (optional)
AZURE_CLIENT_ID=<managed-identity-client-id>
DeveloperToolsCredential
The recommended credential for local development. Tries developer tools in order (Azure CLI, Azure Developer CLI):
use azure_identity::DeveloperToolsCredential;
use azure_security_keyvault_secrets::SecretClient;
let credential = DeveloperToolsCredential::new(None)?;
let client = SecretClient::new(
"https://my-vault.vault.azure.net/",
credential.clone(),
None,
)?;
Credential Chain Order
| Order | Credential | Environment |
|-------|-----------|-------------|
| 1 | AzureCliCredential | az login |
| 2 | AzureDeveloperCliCredential | azd auth login |
Credential Types
| Credential | Usage |
|------------|-------|
| DeveloperToolsCredential | Local development - tries CLI tools |
| ManagedIdentityCredential | Azure VMs, App Service, Functions, AKS |
| WorkloadIdentityCredential | Kubernetes workload identity |
| ClientSecretCredential | Service principal with secret |
| ClientCertificateCredential | Service principal with certificate |
| AzureCliCredential | Direct Azure CLI auth |
| AzureDeveloperCliCredential | Direct azd CLI auth |
| AzurePipelinesCredential | Azure Pipelines service connection |
| ClientAssertionCredential | Custom assertions (federated identity) |
ManagedIdentityCredential
For Azure-hosted resources:
use azure_identity::ManagedIdentityCredential;
// System-assigned managed identity
let credential = ManagedIdentityCredential::new(None)?;
// User-assigned managed identity
let options = ManagedIdentityCredentialOptions {
client_id: Some("<user-assigned-mi-client-id>".into()),
..Default::default()
};
let credential = ManagedIdentityCredential::new(Some(options))?;
ClientSecretCredential
For service principal with secret:
use azure_identity::ClientSecretCredential;
let credential = ClientSecretCredential::new(
"<tenant-id>".into(),
"<client-id>".into(),
"<client-secret>".into(),
None,
)?;
Best Practices
- Use
DeveloperToolsCredentialfor local dev — automatically picks up Azure CLI - Use
ManagedIdentityCredentialin production — no secrets to manage - Clone credentials — credentials are
Arc-wrapped and cheap to clone - Reuse credential instances — same credential can be used with multiple clients
- Use
tokiofeature —cargo add azure_identity --features tokio
Reference Links
| Resource | Link | |----------|------| | API Reference | https://docs.rs/azure_identity | | Source Code | https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/identity/azure_identity | | crates.io | https://crates.io/crates/azure_identity |
When to Use
This skill is applicable to execute the workflow or actions described in the overview.
Limitations
- Use this skill only when the task clearly matches the scope described above.
- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.
- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.
Related Skills
globallayer/constant-time-analysis
development
VerifiedTrustedCommunity
Analyze cryptographic code to detect operations that leak secret data through execution timing variations.
SKILL.mdUpdated May 23, 2026
globallayer/confluence-automation
tools
VerifiedTrustedCommunity
Automate Confluence page creation, content search, space management, labels, and hierarchy navigation via Rube MCP (Composio). Always search tools first for current schemas.
SKILL.mdUpdated May 23, 2026
globallayer/configure-ecc
development
VerifiedTrustedCommunity
Interactive installer for Everything Claude Code — guides users through selecting and installing skills and rules to user-level or project-level directories, verifies paths, and optionally optimizes installed files.
SKILL.mdUpdated May 23, 2026
globallayer/conductor-validator
testing
VerifiedTrustedCommunity
Validates Conductor project artifacts for completeness, consistency, and correctness. Use after setup, when diagnosing issues, or before implementation to verify project context.
SKILL.mdUpdated May 23, 2026