Skills azure-identity-ts

📦

azure-identity-ts

Name: azure-identity-ts
Author: sickn33

Safe

Authenticate to Azure Services

This skill provides documentation and examples for authenticating to Azure services using the Azure Identity SDK for JavaScript and TypeScript. It supports multiple authentication methods including managed identities, service principals, and developer credentials.

Supports: Claude Codex Code(CC)

⚠️ 68 Poor

Download the skill ZIP

Upload in Claude

Go to Settings → Capabilities → Skills → Upload skill

Toggle on and start using

Test it

Using "azure-identity-ts". How do I authenticate using DefaultAzureCredential?

Expected outcome:

Use DefaultAzureCredential for automatic authentication method selection:

```typescript
import { DefaultAzureCredential } from '@azure/identity';
import { BlobServiceClient } from '@azure/storage-blob';

const credential = new DefaultAzureCredential();
const blobClient = new BlobServiceClient(
'https://<account>.blob.core.windows.net',
credential
);
```

The credential chain tries: Environment → Workload Identity → Managed Identity → VS Code → Azure CLI → Azure PowerShell → Azure Developer CLI

Using "azure-identity-ts". Set up managed identity for my Azure function

Expected outcome:

Use ManagedIdentityCredential for Azure Functions with system-assigned identity:

```typescript
import { ManagedIdentityCredential } from '@azure/identity';

const credential = new ManagedIdentityCredential();
// For user-assigned identity, pass the clientId:
// const credential = new ManagedIdentityCredential({ clientId: '<user-assigned-client-id>' });
```

Security Audit

Safe

v1 • 2/24/2026

This is a documentation skill for Azure Identity SDK. Static findings are false positives - the skill documents authentication methods (environment variables, CLI commands, certificate paths) which are standard for authentication library documentation. No executable code, no credential handling, only documentation with placeholder values.

Files scanned

309

Lines analyzed

findings

Total audits

High Risk Issues (2)

SKILL.md:67 SKILL.md:197 SKILL.md:200 SKILL.md:202 SKILL.md:259

External Commands Documentation (False Positive)

Lines 67, 197, 200, 202, 259 reference CLI commands (az login, azd auth login, Connect-AzAccount). These are documentation showing what commands Azure SDK invokes, not actual execution. The skill is documentation only.

SKILL.md:24 SKILL.md:25 SKILL.md:26 SKILL.md:32 SKILL.md:33 SKILL.md:41 SKILL.md:42

Environment Variables Documentation (False Positive)

Lines 24-26, 32-33, 41-42 document AZURE_TENANT_ID, AZURE_CLIENT_ID, etc. This is standard documentation for authentication libraries - showing users what environment variables the SDK expects.

Medium Risk Issues (1)

SKILL.md:56 SKILL.md:234

Network URL Documentation (False Positive)

Lines 56 and 234 contain example Azure URLs (blob.core.windows.net, cognitiveservices.azure.com). These are example endpoints for documentation purposes, not actual network calls.

Low Risk Issues (2)

SKILL.md:34 SKILL.md:118 SKILL.md:126

Certificate Path Documentation (False Positive)

Lines 34, 118, 126 show example certificate paths like /path/to/cert.pem. These are placeholder examples in documentation, not actual sensitive files.

SKILL.md:234

Filesystem Path Documentation (False Positive)

Line 234 shows Kubernetes path /var/run/secrets/tokens/azure-identity. This is documentation about workload identity token locations, not actual file access.

Audited by: claude

Quality Score

Architecture

100

Maintainability

Content

Community

Security

100

Spec Compliance

What You Can Build

Azure App Service Authentication

Configure managed identity authentication for a Node.js app running on Azure App Service to access Azure Storage

CI/CD Pipeline Authentication

Set up service principal authentication for automated deployments without interactive login

Local Development Setup

Use Azure CLI credential for local development with same authentication flow as production

Try These Prompts

Basic Azure Authentication

How do I authenticate to Azure using DefaultAzureCredential in my TypeScript project?

Managed Identity Setup

Show me how to use managed identity to authenticate from an Azure VM

Service Principal Auth

How do I authenticate using a service principal with client secret?

Custom Credential Chain

Create a custom credential chain that tries managed identity first, then falls back to Azure CLI

Best Practices

Use DefaultAzureCredential in most cases - it automatically selects the best auth method
Prefer managed identity in production to avoid storing secrets
Use ChainedTokenCredential to create custom fallback chains for reliability

Avoid

Hardcoding client secrets in source code - use environment variables instead
Using interactive credentials in production - use managed identity or service principals
Ignoring credential chain failures - always configure proper fallback options

Frequently Asked Questions

What is DefaultAzureCredential?

DefaultAzureCredential is a chain that tries multiple authentication methods in order: EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, and AzureDeveloperCliCredential. It works automatically in both development and production.

When should I use managed identity?

Use managed identity when your application runs on Azure services that support it (App Service, VMs, AKS, Functions). It eliminates the need to manage secrets and is the recommended authentication method for production Azure workloads.

How do I authenticate locally during development?

Use AzureCliCredential, AzurePowerShellCredential, or AzureDeveloperCliCredential for local development. Run 'az login', 'Connect-AzAccount', or 'azd auth login' once to authenticate, and the SDK will use those credentials.

What is the difference between service principal and managed identity?

A service principal is an application registration in Azure AD that you create and manage manually. Managed identity is an identity automatically created by Azure for resources like VMs or App Services. Managed identity requires no secret management.

Can I use certificates for authentication?

Yes, use ClientCertificateCredential with a certificate path and optional password, or set AZURE_CLIENT_CERTIFICATE_PATH environment variable. This is more secure than client secrets for service principal authentication.

How do I handle sovereign clouds?

Use the authorityHost option with AzureAuthorityHosts (AzureGovernment, AzureChina) when creating credentials. Pass it in the credential constructor options.

Developer Details

Author

sickn33

License

MIT

Repository

https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/azure-identity-ts

Ref

main

File structure

📄 SKILL.md