Share via

Azure auth for developing on macOS

Robert Christian 0 Reputation points
2025-12-19T22:05:49.5066667+00:00

This is about using Azure,

working on an Apple computer,

authenticating the app when running locally.

I have a TypeScript-based app I want to deploy to Azure Container Apps and I'm trying to setup the App Configuration part. My local is macOS and I'm surprised that I keep seeing this note in the Azure libraries:

https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity-broker/README.md
"Brokered authentication is currently only supported on Windows and Linux. macOS isn't yet supported."

https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity-vscode/README.md

"Visual Studio Code authentication is currently only supported on Windows and Linux. macOS isn't yet supported."

Am I missing something? I'm pretty sure the majority of web developers are on Apple computers and I find it really hard to believe that MS would just leave Apple-based developers out in the cold. Even if MS does choose to ignore Apple users, at the very least I would expect MS to author a Docker image or something along those lines so developers can easily spawn a Linux environment that has the required auth components. For VS Code users, DevContainers simplifies the workflow of getting the project code mounted in a container. If MS thinks that they can force developers on to Windows-based machines by not supporting macOS, GOOD LUCK WITH THAT.

I'm really surprised that I'm having to jump through so many hoops just to get auth setup so my app can pull down its configuration.

I must be doing something wrong. Can someone point me in the right direction?

Or am I not wrong and MS really has made it this hard, in spite of all the other cool stuff they've done like the Azure Developer CLI and the VS Code extension for Azure. I really get the impression that MS has made a significant effort to make the developer's lives easier, and so far I've been impressed, but when it comes to setting up auth/identity, it's very much the opposite, and the statement that "macOS isn't yet supported" really shocks me.

Azure App Configuration
Azure App Configuration
An Azure service that provides hosted, universal storage for Azure app configurations.
0 comments

5 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2025-12-19T22:06:02.98+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    To authenticate your TypeScript-based app running on macOS with Azure services, you can use the DefaultAzureCredential class from the Azure Identity library. This class is designed to work in local development environments and can discover user credentials from your local tooling or IDE, such as the Azure CLI or Visual Studio Code.

    Here are the steps you can follow:

    1. Install the Azure Identity Library: Make sure you have the @azure/identity package installed in your project. You can do this by running: 
         npm install @azure/identity
    2. Use DefaultAzureCredential: In your application code, import the DefaultAzureCredential and use it to authenticate your Azure services. Here’s a simple example: 
         import { DefaultAzureCredential } from '@azure/identity';
   import { SomeAzureServiceClient } from '@azure/some-azure-sdk';
   
   const credential = new DefaultAzureCredential();
   const client = new SomeAzureServiceClient(credential);
    3. Authenticate with Azure CLI: Before running your application, ensure you are logged in to your Azure account via the Azure CLI. You can log in by running: 
         az login
      This will open a browser window for you to authenticate.
    4. Check for Permissions: Ensure that your Azure account has the necessary permissions to access the resources you are trying to configure in Azure App Configuration.

    While it is true that some features like brokered authentication and Visual Studio Code authentication are not supported on macOS, using DefaultAzureCredential should provide a viable workaround for local development. This approach allows you to authenticate without needing the specific brokered authentication features that are currently limited to Windows and Linux.

    If you encounter any issues, consider checking the Azure documentation for more detailed guidance on authentication flows and troubleshooting tips.

    References:

    0 comments
  2. Robert Christian 0 Reputation points
    2025-12-19T23:32:59.53+00:00

    Okay, I figured out what I was doing wrong. Solution below.

    First, AI says that brokered authentication is an alternative way to auth and I can instead just auth through either the vs-code library, or more simply with AzureCliCredential from @azure/identity. I went with the latter.

    The other mistake I made is that I was passing my AppConfiguration URL to a Key Vault client and not the App Configuration client. It would help if MS would improve the error messaging, because I didn't see this mistake for a while.

    Included is my working code. Hope it's helpful for anyone who's getting started with Azure. Note, I'm using Deno.

    import { AppConfigurationClient } from '@azure/app-configuration'
import type {
	AzureCliCredential,
	DefaultAzureCredential,
	ManagedIdentityCredential,
} from '@azure/identity'

export async function getConfigAzure({
	serviceName,
	separator='.',
	credential,
}: {
	serviceName: string,
	credential: AzureCliCredential | DefaultAzureCredential | ManagedIdentityCredential,
	separator?: string,
}) {
	const client = new AppConfigurationClient('https://bdp-apps-config.azconfig.io', credential)
	const prefix = ['your', 'prefix', serviceName].join(separator) + separator
	const keyFilter = prefix + '*'
	for await (const setting of client.listConfigurationSettings({ keyFilter })) {
		const key = setting.key.replace(prefix, '')
		console.log('setting:', key, setting.value)
	}
}


    import { getConfigAzure } from '@scope/shared'
import { useIdentityPlugin, AzureCliCredential } from '@azure/identity'
import { vsCodePlugin } from '@azure/identity-vscode'

useIdentityPlugin(vsCodePlugin)

try {
	Deno.env.set('AZURE_APP_CONFIG_ENDPOINT', 'https://your-apps-config.azconfig.io')
	const credential = new AzureCliCredential()

	const resp = await getConfigAzure({ serviceName: 'clock', credential })
	console.log(resp)
} catch (err) {
	console.error(err)
}
    0 comments
  3. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more

  4. Robert Christian 0 Reputation points
    2025-12-19T23:40:32.7333333+00:00

    <DELETED>

    [Answer reposted because the website is not working right.]

    0 comments
  5. Robert Christian 0 Reputation points
    2025-12-19T23:52:49.7566667+00:00

    I've tried to post an answer twice now and the AI moderator keeps censoring me. I'm not doing anything wrong, just trying to show the solution.

    Solution was that I don't have to use brokered auth, I can instead use AzureCliCredential.

    Good luck. Sorry I can't show you the working code, MS won't allow it.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.