Microsoft.Identity.Client.ManagedIdentity.KeyProviders.WindowsManagedIdentityKeyProvider
Windows-specific managed identity key provider that implements a hierarchical key selection strategy.
Attempts to use the most secure key source available in the following priority order:
1. KeyGuard (CVM/TVM) if available - provides VBS (Virtualization-based Security) isolation
2. Hardware (TPM/KSP via Microsoft Platform Crypto Provider) - hardware-backed keys
3. In-memory fallback - software-based keys stored in memory
namespace Microsoft.Identity.Client.ManagedIdentity.KeyProviders
{
internal sealed class WindowsManagedIdentityKeyProvider : IManagedIdentityKeyProvider
{
public Task<ManagedIdentityKeyInfo> GetOrCreateKeyAsync(ILoggerAdapter logger, CancellationToken ct);
public WindowsManagedIdentityKeyProvider();
}
}