Using Azure Managed identities

Yeah Cosmos db supports managed identity

He did a step Behind the scenes
Where he assigned the managed identity to Target resource (Azure storage account)

@@chinmayshetye3 Okay, I did the same. I made an app config and assigned app config data reader role to user defined identity then added this user defined identity to my app service. Now since my login in AD has the rights to contribute , shouldn't the connect via DefaultAzureCredential via user assigned client id shouldn't work? but this is giving me forbidden error.

@@jayaraut Check if the DefaultAzureCredential is picking the credentials of the user you assigned role to

@chinmayshetye3 ok I figured the same yesterday. I have to assign same set of roles to my user too as the managed identity to get it working locally. That worked! Though I haven't deployed the code yet on app service to check managed identity which I hope will work but it was working locally.

@@jayaraut you can use your managed identity with DefaultAzureCredential object, you need to pass it as property while initialisation

DefaultAzureCredential failed to retrieve a token from the included credentials.
- EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
- ManagedIdentityCredential authentication unavailable. No Managed Identity endpoint found.
- Process "C:\Program Files\Microsoft Visual Studio\2022\Preview\Common7\IDE\Extensions\3fhsnrhg.f0v\TokenService\Microsoft.Asal.TokenService.exe" has failed with unexpected error: TS003: Error, Could not load file or assembly 'Microsoft.VisualStudio.Validation, Version=16.8.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040).
- Stored credentials not found. Need to authenticate user in VSCode Azure Account.
- Azure CLI not installed
- PowerShell is not installed.