Enables authentication to Microsoft Entra ID using a client secret or certificate.

Configuration is attempted in this order, using these environment variables:

Service principal with secret:VariableDescriptionAZURE_TENANT_IDThe Microsoft Entra tenant (directory) ID.AZURE_CLIENT_IDThe client (application) ID of an App Registration in the tenant.AZURE_CLIENT_SECRETA client secret that was generated for the App Registration.Service principal with certificate:VariableDescriptionAZURE_TENANT_IDThe Microsoft Entra tenant (directory) ID.AZURE_CLIENT_IDThe client (application) ID of an App Registration in the tenant.AZURE_CLIENT_CERTIFICATE_PATHPath to the client certificate and the private key. The path must be to either a "pfx"- or "pem"-encoded certificate on disk, or a certificate in the platform certificate store by thumbprint. For example: c:\data\certificate.pfx/etc/app/cert.pemcert:/CurrentUser/My/E661583E8FABEF4C0BEF694CBC41C28FB81CD870AZURE_CLIENT_CERTIFICATE_PASSWORD(Optional) The password protecting the certificate file (currently only supported for PFX (PKCS12) certificates).AZURE_CLIENT_SEND_CERTIFICATE_CHAIN(Optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to `true` or `1`, authentication requests include the x5c header.Username and password:VariableDescriptionAZURE_TENANT_IDThe Microsoft Entra tenant (directory) ID.AZURE_CLIENT_IDThe client (application) ID of an App Registration in the tenant. This credential ultimately uses a ClientSecretCredential or ClientCertificateCredential to perform the authentication using these details. Please consult the documentation of those classes for more details.