Skip to content

Latest commit

 

History

History
61 lines (42 loc) · 3.2 KB

README.md

File metadata and controls

61 lines (42 loc) · 3.2 KB

Azure AccessToken

Package Name NuGet Description
NLog.Extensions.AzureAccessToken NuGet Azure App Authentication Access Token

Using Active Directory Default authentication

Microsoft.Data.SqlClient 2.0.0 (and newer) supports Authentication option in the ConnectionString, that enables builtin AD authentication. This removes the need for using NLog.Extensions.AzureAccessToken.

Example with Authentication assigned to Active Directory Default:

string ConnectionString = @"Server=demo.database.windows.net; Authentication=Active Directory Default; Database=testdb;";

Active Directory Default uses DefaultAzureCredential from Azure.Identity-package that supports the following identity-providers:

  • EnvironmentCredential - Authentication to Azure Active Directory based on environment variables.
  • ManagedIdentityCredential - Authentication to Azure Active Directory using identity assigned to deployment environment.
  • SharedTokenCacheCredential - Authentication using tokens in the local cache shared between Microsoft applications.
  • VisualStudioCredential - Authentication to Azure Active Directory using data from Visual Studio
  • VisualStudioCodeCredential - Authentication to Azure Active Directory using data from Visual Studio Code
  • AzureCliCredential - Authentication to Azure Active Directory using Azure CLI to obtain an access token

See also: Using Active Directory Default authentication

Managed Identity Configuration with DatabaseTarget

Remember to setup the DbProvider for the DatabaseTarget to use Microsoft SqlConnection, and also remember to add the matching nuget-package.

Syntax

<extensions>
  <add assembly="NLog.Extensions.AzureAccessToken" /> 
</extensions>

<targets>
  <target xsi:type="Database" connectionString="...">
    <dbProvider>Microsoft.Data.SqlClient.SqlConnection, Microsoft.Data.SqlClient</dbProvider>
    <connectionProperty name="AccessToken" layout="${AzureAccessToken:ResourceName=${gdc:DatabaseHostSuffix}}"  />
  </target>
</targets>
NLog.GlobalDiagnosticsContext.Set("DatabaseHostSuffix", $"https://{DatabaseHostSuffix}/");
NLog.LogManager.LoadConfiguration("nlog.config");

Parameters

ResourceName - AzureServiceTokenProvider Resource (Ex. https://management.azure.com or https://database.windows.net/ or https://storage.azure.com/). Layout Required.

TenantId - AzureServiceTokenProvider TenantId (or directory Id) of your Azure Active Directory. Layout Optional.

ConnectionString - AzureServiceTokenProvider ConnectionString Layout Optional.

AzureAdInstance - AzureServiceTokenProvider AzureAdInstance Layout Optional.