Skip to content

Add next-gen config + DI tab to local-development-dev-accounts#54371

Draft
alexwolfmsft wants to merge 4 commits into
mainfrom
alexwolfmsft/azuresdk-next-gen-di-local-dev
Draft

Add next-gen config + DI tab to local-development-dev-accounts#54371
alexwolfmsft wants to merge 4 commits into
mainfrom
alexwolfmsft/azuresdk-next-gen-di-local-dev

Conversation

@alexwolfmsft

@alexwolfmsft alexwolfmsft commented Jun 12, 2026
edited by github-actions Bot
Loading

Copy link
Copy Markdown
Contributor

Summary

Adds a preview tab for the Azure.Identity configuration and dependency injection pattern alongside the existing Microsoft.Extensions.Azure flow in docs/azure/sdk/authentication/local-development-dev-accounts.md. The next-gen pattern is tracked by Azure/azure-sdk-for-net#55491 and ships service-specific extensions like AddSecretClient that bind clients (and their credentials) to an appsettings.json section, with no TokenCredential constructed in code.

Changes

Article — local-development-dev-accounts.md

  • Frontmatter: ms.date bumped to 06/12/2026; added ai-usage: ai-assisted.
  • Replaced the single ### Implement the code block under "Authenticate to Azure services from your app" with two ###-level tabs:
    • Microsoft.Extensions.Azure (stable) — the original 4-step AddAzureClients + UseCredential walkthrough, unchanged.
    • Azure.Identity configuration and DI (preview)SCME0002 callout with the <NoWarn> snippet, then steps for dotnet package add --prerelease, the KeyVaultSecrets appsettings.json schema (with the full list of supported CredentialSource values), and the builder.AddSecretClient("KeyVaultSecrets") registration. Closing note explains the fallback to generic builder.AddAzureClient<T, TSettings> for libraries that haven't shipped service-specific extensions yet.

Snippet project — docs/azure/sdk/snippets/authentication/local-dev-account/

  • LocalDevAccount.csproj:
    • <NoWarn>$(NoWarn);SCME0002</NoWarn> in the PropertyGroup.
    • <PackageReference Include="Azure.Security.KeyVault.Secrets" VersionOverride="4.12.0-beta.1" /> — per-project override so the shared Directory.Packages.props stays on the stable 4.11.0 line for the five sibling snippet projects.
  • Program.cs:
    • Added using Azure.Security.KeyVault.Secrets;.
    • New registerUsingNextGen(WebApplicationBuilder) function with a snippet_NextGenAddSecretClient region containing builder.AddSecretClient("KeyVaultSecrets");.
    • Wired into the WebApplication.CreateBuilder flow so the snippet compiles in context.
  • appsettings.json: added the matching KeyVaultSecrets section with VaultUri and Credential.CredentialSource.

Validation

  • dotnet build on LocalDevAccount.csproj0 errors, 0 warnings.
  • Snippet region IDs (snippet_NextGenAddSecretClient) match the new :::code reference in the article.
  • No anchor links in the repo target #implement-the-code, so removing that heading is safe.

AI usage

This PR was authored with AI assistance using GitHub Copilot. The ai-usage: ai-assisted frontmatter field was added accordingly.

Open considerations

  • The preview package (Azure.Security.KeyVault.Secrets 4.12.0-beta.1) and the SCME0002 diagnostic will both need a revisit once the APIs stabilize. The "rolling out incrementally" note in the next-gen tab should also be revisited as more service libraries adopt the pattern.
  • This PR is opened draft intentionally — the underlying API surface is in preview and feedback from the Azure SDK team would be helpful before marking it ready for review.

Internal previews

📄 File 🔗 Preview link
docs/azure/sdk/authentication/local-development-dev-accounts.md Authenticate .NET apps to Azure services during local development using developer accounts

@alexwolfmsft
docs(azure-sdk): add next-gen config + DI tab to local-dev-accounts
1d9fddb 
Add a preview-tab for the Azure.Identity configuration and dependency injection pattern alongside the existing Microsoft.Extensions.Azure flow. Wires AddSecretClient against Azure.Security.KeyVault.Secrets 4.12.0-beta.1 via VersionOverride, suppresses SCME0002, and adds a KeyVaultSecrets appsettings.json section bound by the new snippet region.
Copilot AI review requested due to automatic review settings June 12, 2026 19:05
@dotnetrepoman dotnetrepoman Bot added this to the June 2026 milestone Jun 12, 2026
Copilot AI reviewed Jun 12, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a second, preview “Azure.Identity configuration and dependency injection” tab to the local development authentication article, alongside the existing Microsoft.Extensions.Azure flow, and updates the associated snippet project to compile with the preview registration pattern.

Changes:

  • Updated local-development-dev-accounts.md to introduce two DI registration patterns (stable vs. preview) and added ai-usage frontmatter.
  • Updated the local-dev-account snippet project to suppress SCME0002, reference a preview Key Vault package, and add a new snippet region for AddSecretClient.
  • Added a matching KeyVaultSecrets configuration section in the snippet’s appsettings.json.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.

File Description
docs/azure/sdk/authentication/local-development-dev-accounts.md Adds the new preview tab content and references the new snippet region.
docs/azure/sdk/snippets/authentication/local-dev-account/Program.cs Adds a next-gen registration helper and snippet region for AddSecretClient.
docs/azure/sdk/snippets/authentication/local-dev-account/LocalDevAccount.csproj Suppresses SCME0002 and references a preview Key Vault Secrets package via VersionOverride.
docs/azure/sdk/snippets/authentication/local-dev-account/appsettings.json Adds KeyVaultSecrets configuration used by the new registration snippet.

Comment thread docs/azure/sdk/authentication/local-development-dev-accounts.md
Comment thread docs/azure/sdk/authentication/local-development-dev-accounts.md Outdated
Comment on lines +77 to +78
- **Microsoft.Extensions.Azure (stable)** — register clients with `AddAzureClients` and pass a `TokenCredential` to `UseCredential` in code. Use this pattern for production apps today.
- **Azure.Identity configuration and DI (preview)** — bind clients and their credentials to a section of `appsettings.json`. No `TokenCredential` instance is constructed in code. Tracked by [azure-sdk-for-net#55491](https://github.com/Azure/azure-sdk-for-net/issues/55491).
Comment thread docs/azure/sdk/authentication/local-development-dev-accounts.md Outdated

The package pulls in a compatible prerelease of `Azure.Identity` transitively.

1. In `appsettings.json`, add a section that describes the client endpoint and credential. The section name is arbitrary — you reference it by name when you register the client:
Comment thread docs/azure/sdk/authentication/local-development-dev-accounts.md Outdated

:::code language="csharp" source="../snippets/authentication/local-dev-account/Program.cs" id="snippet_NextGenAddSecretClient":::

The credential is resolved from the `Credential` subsection automatically — no `TokenCredential` instance is constructed in code.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@JonathanCrd JonathanCrd Awaiting requested review from JonathanCrd JonathanCrd will be requested when the pull request is marked ready for review JonathanCrd is a code owner

@jsquire jsquire Awaiting requested review from jsquire jsquire will be requested when the pull request is marked ready for review jsquire is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

June 2026

Development

Successfully merging this pull request may close these issues.

2 participants

@alexwolfmsft