# azure-identity > Microsoft Azure Identity Library for Python - **URL**: https://www.freshcrate.ai/projects/azure-identity - **Author**: pypi - **Category**: Security - **Latest version**: `azure-mgmt-computelimit_1.1.0` (2026-06-02) - **License**: Unknown - **Source**: https://github.com/Azure/azure-sdk-for-python - **Homepage**: https://pypi.org/project/azure-identity/ - **Language**: Python - **GitHub**: 5,526 stars, 3,285 forks - **Registry**: pypi (`azure-identity`) - **Tags**: `azure`, `pypi`, `sdk` ## Description # Azure Identity client library for Python The Azure Identity library provides [Microsoft Entra ID](https://learn.microsoft.com/entra/fundamentals/whatis) token-based authentication support across the Azure SDK. It provides a set of [`TokenCredential`][token_cred_ref]/[`SupportsTokenInfo`][supports_token_info_ref] implementations, which can be used to construct Azure SDK clients that support Microsoft Entra token authentication. [Source code](https://github.com/Azure/azure-sdk-for-python/blob/main/sdk/identity/azure-identity) | [Package (PyPI)](https://pypi.org/project/azure-identity/) | [Package (Conda)](https://anaconda.org/microsoft/azure-identity/) | [API reference documentation][ref_docs] | [Microsoft Entra ID documentation](https://learn.microsoft.com/entra/identity/) ## Getting started ### Install the package Install Azure Identity with pip: ```sh pip install azure-identity ``` ### Prerequisites - An [Azure subscription](https://azure.microsoft.com/free/python) - Python 3.9 or a recent version of Python 3 (this library doesn't support end-of-life versions) ### Authenticate the client When debugging and executing code locally, it's typical for a developer to use their own account for authenticating calls to Azure services. There are several developer tools that can be used to perform this authentication in your development environment. For more information, see [Authentication during local development](https://learn.microsoft.com/azure/developer/python/sdk/authentication/overview#authentication-during-local-development). ## Key concepts ### Credentials A credential is a class that contains or can obtain the data needed for a service client to authenticate requests. Service clients across the Azure SDK accept a credential instance when they're constructed, and use that credential to authenticate requests. The Azure Identity library focuses on OAuth authentication with Microsoft Entra ID. It offers various credential classes capable of acquiring a Microsoft Entra access token. See the [Credential classes](#credential-classes "Credential classes") section for a list of this library's credential classes. ### DefaultAzureCredential `DefaultAzureCredential` simplifies authentication while developing apps that deploy to Azure by combining credentials used in Azure hosting environments with credentials used in local development. For more information, see [DefaultAzureCredential overview][dac_overview]. #### Continuation policy As of version 1.14.0, `DefaultAzureCredential` attempts to authenticate with all developer credentials until one succeeds, regardless of any errors previous developer credentials experienced. For example, a developer credential may attempt to get a token and fail, so `DefaultAzureCredential` will continue to the next credential in the flow. Deployed service credentials stop the flow with a thrown exception if they're able to attempt token retrieval, but don't receive one. Prior to version 1.14.0, developer credentials would similarly stop the authentication flow if token retrieval failed, but this is no longer the case. This allows for trying all of the developer credentials on your machine while having predictable deployed behavior. ## Examples The following examples are provided: - [Define a custom authentication flow with ChainedTokenCredential](#define-a-custom-authentication-flow-with-chainedtokencredential "Define a custom authentication flow with ChainedTokenCredential") - [Async credentials](#async-credentials "Async credentials") ### Define a custom authentication flow with `ChainedTokenCredential` While `DefaultAzureCredential` is generally the quickest way to authenticate apps for Azure, you can create a customized chain of credentials to be considered. `ChainedTokenCredential` enables users to combine multiple credential instances to define a customized chain of credentials. For more information, see [ChainedTokenCredential overview][ctc_overview]. ### Async credentials This library includes a set of async APIs. To use the async credentials in [azure.identity.aio][ref_docs_aio], you must first install an async transport, such as [aiohttp](https://pypi.org/project/aiohttp/). For more information, see [azure-core documentation][azure_core_transport_doc]. Async credentials should be closed when they're no longer needed. Each async credential is an async context manager and defines an async `close` method. For example: ```python from azure.identity.aio import DefaultAzureCredential # call close when the credential is no longer needed credential = DefaultAzureCredential() ... await credential.close() # alternatively, use the credential as an async context manager credential = DefaultAzureCredential() async with credential: ... ``` This example demonstrates authenticating the asynchronous `SecretClient` from [azure-keyvault-secrets][azure_keyvault_secrets] with an asynchronous credential. ```python from azure.identity.aio import DefaultAzureCreden ## Recent releases | Version | Date | Urgency | Changes | | --- | --- | --- | --- | | `azure-mgmt-computelimit_1.1.0` | 2026-06-02 | High | ## 1.1.0 (2026-05-26) ### Features Added - Client `ComputeLimitMgmtClient` added operation group `vm_families` - Added model `FeatureEnableRequest` - Added model `VmFamily` - Added model `VmFamilyProperties` - Operation group `FeaturesOperations` added method `begin_disable` - Added operation group `VmFamiliesOperations` | | `azure-appconfiguration-provider_2.5.0` | 2026-05-26 | High | ## 2.5.0 (2026-05-22) ### Features Added - Added `refresh_enabled` parameter to the `load` method. Defaults to `True` if `refresh_on` is set. When set to `True` without `refresh_on` keys, all selected key-values are monitored for changes. When set to `False`, calling `refresh` will be a no-op. - Added the ability to monitor all selected key-values for refresh with the `refresh_enabled` kwarg. When this kwarg is set to `True`, and `refresh_on` is not specified, changes to any selected key-value | | `azure-mgmt-storage_25.0.0` | 2026-05-20 | High | ## 25.0.0 (2026-05-19) ### Features Added - Client `StorageManagementClient` added method `send_request` - Client `StorageManagementClient` added operation group `connectors` - Client `StorageManagementClient` added operation group `data_shares` - Enum `AccessTier` added member `SMART` - Enum `AllowedCopyScope` added member `ALL` - Enum `TriggerType` added member `MOCK_RUN` - Model `AzureEntityResource` added property `system_data` - Model `BlobContainer` added property `system | | `azure-mgmt-storagesync_1.0.1` | 2026-05-14 | High | ## 1.0.1 (2026-05-14) ### Other Changes - Regenerated with latest code generator tool | | `azure-mgmt-attestation_2.0.0` | 2026-05-08 | High | ## 2.0.0 (2026-05-08) ### Features Added - Client `AttestationManagementClient` added parameter `cloud_setting` in method `__init__` - Client `AttestationManagementClient` added method `send_request` - Client `AttestationManagementClient` added operation group `private_link_resources` - Model `AttestationServiceCreationSpecificParams` added property `public_network_access` - Model `AttestationServiceCreationSpecificParams` added property `tpm_attestation_authentication` - Model `At | | `azure-batch_15.1.0` | 2026-05-01 | High | ## 15.1.0 (2026-03-06) ### Other Changes - This is the GA release of the features introduced in the 15.0.0 and 15.1.0 beta versions, including LRO support, job-level FIFO scheduling, CMK support on pools, IPv6 support, metadata security protocol support, IP tag support, and confidential VM enhancements. ### Breaking Changes - Renamed `BatchNodeUserUpdateOptions` to `BatchNodeUserReplaceOptions`. - Renamed `OutputFileUploadConfig` to `OutputFileUploadConfiguration`. - Removed Models: - Rem | | `azure-postgresql-auth_1.0.2` | 2026-04-29 | High | ## 1.0.2 (2026-04-28) ### Bugs Fixed - Removed dependency on `DefaultAzureCredential` in source library - Fixed `get_entra_conninfo_async` and `get_entra_token_async` closing the credential by using it as a context manager ### Other Changes - Bumped minimum dependency on `azure-core` to `>=1.31.0` | | `azure-mgmt-hybridkubernetes_1.2.0` | 2026-04-23 | High | ## 1.2.0 (2026-04-23) ### Other Changes - Regenerate SDK code with latest code generator tool | | `azure-template_0.1.0b6187637` | 2026-04-21 | High | ## 0.1.0b6187637 (2026-04-21) ### Features Added - Some feature ### Breaking Changes - Some breaking change ### Bugs Fixed - Some bug fix ### Other Changes - Some other change | | `1.25.3` | 2026-04-21 | Low | Imported from PyPI (1.25.3) | ## Dependency audit - **Score**: 98/100 - **Total deps**: 0 - **Resolved**: 0 - **Unresolved**: 0 - **License conflicts**: 0 - **Warnings**: 1 - **Scanned**: 2026-05-25 ## Citation - HTML: https://www.freshcrate.ai/projects/azure-identity - Markdown: https://www.freshcrate.ai/projects/azure-identity.md - Dependencies JSON: https://www.freshcrate.ai/api/projects/azure-identity/deps _Generated by freshcrate.ai. Indexes pypi releases for AI-agent ecosystem packages._