Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature Request] Region auto enable on env variable #4930

Open
bgavrilMS opened this issue Sep 12, 2024 · 3 comments
Open

[Feature Request] Region auto enable on env variable #4930

bgavrilMS opened this issue Sep 12, 2024 · 3 comments
Labels
confidential-client Feature Request

Comments

@bgavrilMS
Copy link
Member

bgavrilMS commented Sep 12, 2024
edited
Loading

Region auto-enable

  1. On creation of a ConfidentialClientApplication, MSAL shall detect env variable MSAL_FORCE_REGION, which will be set to a specific region (e.g. westus1)
  2. If this env variable is set, MSAL shall opt-in to ESTS-R with the value of this variable.

Disabling the behavior

If region is explicitly set in MSAL to the string "DisableMsalForceRegion`, then the above no longer applies

Conflicts with WithAzureRegion(xyz)

Use of the api WithRegion(xyz) takes precedence over the env variable.

Acceptance tests

For all of the tests, assume env variable MSAL_FORCE_REGION=eastus

  1. No other config is used. ACTUAL region used: eastus
  2. App developer configures region "westus" in MSAL. ACTUAL region used: westus
  3. App developer configures region "DisableMsalForceRegion" in MSAL. ACTUAL region used: none

Alternatives

No response
@bgavrilMS bgavrilMS added untriaged Do not delete. Needed for Automation needs attention Delete label after triage labels Sep 12, 2024
@bgavrilMS bgavrilMS added Feature Request P1 and removed untriaged Do not delete. Needed for Automation needs attention Delete label after triage labels Sep 12, 2024
@weinong
Copy link

weinong commented Sep 13, 2024

It already does, no?
https://review.learn.microsoft.com/en-us/identity/microsoft-identity-platform/msal-net-regional-adoption?branch=main#providing-a-region-with-azureidentity

@bgavrilMS
Copy link
Member Author

It already does, no? https://review.learn.microsoft.com/en-us/identity/microsoft-identity-platform/msal-net-regional-adoption?branch=main#providing-a-region-with-azureidentity

No. Today app developers must explicitly opt-in to ESTS-R by using the API WithAzureRegion(string). They can either inject the region name directly, or they can use "TryAutoDetect" and MSAL has an algorithm to detect the region.

This proposal is for MSAL to auto-detect an env var, eliminating the need for app developer to use WithAzureRegion API.

@bgavrilMS bgavrilMS removed the P1 label Sep 20, 2024
This was referenced Sep 20, 2024
Open
Open
Open
Open
@rayluo
Copy link
Contributor

rayluo commented Sep 20, 2024

This proposal is for MSAL to auto-detect an env var, eliminating the need for app developer to use WithAzureRegion API.

This line shall be inserted into the very beginning of this feature description as a "Problem Statement" or a "WHY". :-)

Disabling the behavior

If region is explicitly set in MSAL to the string "DisableMsalForceRegion`, then the above no longer applies

Why do we need this special case? Wouldn't it be much more intuitive (and easier to implement) to do "if the env var MSAL_FORCE_REGION is absent or empty, then the above no longer applies"?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
confidential-client Feature Request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rayluo @weinong @bgavrilMS