スキル azure-identity-ts

📦

azure-identity-ts

Name: azure-identity-ts
Author: sickn33

安全

Authenticate to Azure Services

This skill provides documentation and examples for authenticating to Azure services using the Azure Identity SDK for JavaScript and TypeScript. It supports multiple authentication methods including managed identities, service principals, and developer credentials.

対応: Claude Codex Code(CC)

⚠️ 68 貧弱

スキルZIPをダウンロード

Claudeでアップロード

設定 → 機能 → スキル → スキルをアップロードへ移動

オンにして利用開始

テストする

「azure-identity-ts」を使用しています。 How do I authenticate using DefaultAzureCredential?

期待される結果:

Use DefaultAzureCredential for automatic authentication method selection:

```typescript
import { DefaultAzureCredential } from '@azure/identity';
import { BlobServiceClient } from '@azure/storage-blob';

const credential = new DefaultAzureCredential();
const blobClient = new BlobServiceClient(
'https://<account>.blob.core.windows.net',
credential
);
```

The credential chain tries: Environment → Workload Identity → Managed Identity → VS Code → Azure CLI → Azure PowerShell → Azure Developer CLI

「azure-identity-ts」を使用しています。 Set up managed identity for my Azure function

期待される結果:

Use ManagedIdentityCredential for Azure Functions with system-assigned identity:

```typescript
import { ManagedIdentityCredential } from '@azure/identity';

const credential = new ManagedIdentityCredential();
// For user-assigned identity, pass the clientId:
// const credential = new ManagedIdentityCredential({ clientId: '<user-assigned-client-id>' });
```

セキュリティ監査

安全

v1 • 2/24/2026

This is a documentation skill for Azure Identity SDK. Static findings are false positives - the skill documents authentication methods (environment variables, CLI commands, certificate paths) which are standard for authentication library documentation. No executable code, no credential handling, only documentation with placeholder values.

スキャンされたファイル

309

解析された行数

検出結果

総監査数

高リスクの問題 (2)

SKILL.md:67 SKILL.md:197 SKILL.md:200 SKILL.md:202 SKILL.md:259

External Commands Documentation (False Positive)

Lines 67, 197, 200, 202, 259 reference CLI commands (az login, azd auth login, Connect-AzAccount). These are documentation showing what commands Azure SDK invokes, not actual execution. The skill is documentation only.

SKILL.md:24 SKILL.md:25 SKILL.md:26 SKILL.md:32 SKILL.md:33 SKILL.md:41 SKILL.md:42

Environment Variables Documentation (False Positive)

Lines 24-26, 32-33, 41-42 document AZURE_TENANT_ID, AZURE_CLIENT_ID, etc. This is standard documentation for authentication libraries - showing users what environment variables the SDK expects.

中リスクの問題 (1)

SKILL.md:56 SKILL.md:234

Network URL Documentation (False Positive)

Lines 56 and 234 contain example Azure URLs (blob.core.windows.net, cognitiveservices.azure.com). These are example endpoints for documentation purposes, not actual network calls.

低リスクの問題 (2)

SKILL.md:34 SKILL.md:118 SKILL.md:126

Certificate Path Documentation (False Positive)

Lines 34, 118, 126 show example certificate paths like /path/to/cert.pem. These are placeholder examples in documentation, not actual sensitive files.

SKILL.md:234

Filesystem Path Documentation (False Positive)

Line 234 shows Kubernetes path /var/run/secrets/tokens/azure-identity. This is documentation about workload identity token locations, not actual file access.

監査者: claude

品質スコア

アーキテクチャ

100

保守性

コンテンツ

コミュニティ

セキュリティ

100

仕様準拠

作れるもの

Azure App Service Authentication

Configure managed identity authentication for a Node.js app running on Azure App Service to access Azure Storage

CI/CD Pipeline Authentication

Set up service principal authentication for automated deployments without interactive login

Local Development Setup

Use Azure CLI credential for local development with same authentication flow as production

これらのプロンプトを試す

Basic Azure Authentication

How do I authenticate to Azure using DefaultAzureCredential in my TypeScript project?

Managed Identity Setup

Show me how to use managed identity to authenticate from an Azure VM

Service Principal Auth

How do I authenticate using a service principal with client secret?

Custom Credential Chain

Create a custom credential chain that tries managed identity first, then falls back to Azure CLI

ベストプラクティス

Use DefaultAzureCredential in most cases - it automatically selects the best auth method
Prefer managed identity in production to avoid storing secrets
Use ChainedTokenCredential to create custom fallback chains for reliability

回避

Hardcoding client secrets in source code - use environment variables instead
Using interactive credentials in production - use managed identity or service principals
Ignoring credential chain failures - always configure proper fallback options

よくある質問

What is DefaultAzureCredential?

DefaultAzureCredential is a chain that tries multiple authentication methods in order: EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, and AzureDeveloperCliCredential. It works automatically in both development and production.

When should I use managed identity?

Use managed identity when your application runs on Azure services that support it (App Service, VMs, AKS, Functions). It eliminates the need to manage secrets and is the recommended authentication method for production Azure workloads.

How do I authenticate locally during development?

Use AzureCliCredential, AzurePowerShellCredential, or AzureDeveloperCliCredential for local development. Run 'az login', 'Connect-AzAccount', or 'azd auth login' once to authenticate, and the SDK will use those credentials.

What is the difference between service principal and managed identity?

A service principal is an application registration in Azure AD that you create and manage manually. Managed identity is an identity automatically created by Azure for resources like VMs or App Services. Managed identity requires no secret management.

Can I use certificates for authentication?

Yes, use ClientCertificateCredential with a certificate path and optional password, or set AZURE_CLIENT_CERTIFICATE_PATH environment variable. This is more secure than client secrets for service principal authentication.

How do I handle sovereign clouds?

Use the authorityHost option with AzureAuthorityHosts (AzureGovernment, AzureChina) when creating credentials. Pass it in the credential constructor options.

開発者の詳細

作成者

sickn33

ライセンス

MIT

リポジトリ

https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/azure-identity-ts

参照

main

ファイル構成

📄 SKILL.md