Handle authentication when using Azure SDKs in .NET (C#)

kosmos — Thu, 26 Jun 2025 18:34:49 +0000

When using official Azure SDKs in .NET (C#), you typically create a client first and pass the Credential to it. This time, I want to tweak that part a bit.

A common approach is to use ApiKeyCredential, where you pass the API key string. For example, something like the following.

var client =
    new AzureOpenAIClient(
        new Uri(openai_endpoint),
        new ApiKeyCredential(key)
    );

In Azure-related scenarios, when using Managed Identities or relying on local Azure CLI authentication information, you typically use DefaultAzureCredential as shown below.

var client =
    new AzureOpenAIClient(
        new Uri(openai_endpoint),
        new DefaultAzureCredential()
    );

This time, it's about how to handle situations when those scenarios don't fit. Here is a concrete example. Suppose you are using Azure OpenAI Service and aggregating API entry points with Azure API Management (APIM). Also, access from APIM to Azure OpenAI Service itself uses Managed Identities.
In this situation, when a user (client app) accesses APIM, you want to use a JWT access token obtained by the app to verify and determine access permission in APIM.
Inside the app, regardless of OpenAI, there might be an access token that allows access to, for example, an internal API server, and you want to use that to call Azure OpenAI managed by APIM. (Let's ignore the idea of handling this with Azure OpenAI's IAM for now. It can be troublesome if the account tenant and resource tenant differ, and you don't want to mess with IAM for just ordinary usage without privileges.)

So, what should you do when you already have an access token? The conclusion is that you can create and implement a custom TokenCredential by inheriting from Azure.Core.TokenCredential.

public class CustomCredential : Azure.Core.TokenCredential
{
    public override AccessToken GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken)
    {
        return new AccessToken("your custom token", DateTimeOffset.UtcNow.AddHours(1));
    }

    public override async ValueTask<AccessToken> GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
    {
        return new AccessToken("your custom token", DateTimeOffset.UtcNow.AddHours(1));
    }
}

You just create a class like that and pass it instead of other Credentials.

var client =
    new AzureOpenAIClient(
        new Uri(openai_endpoint),
        new CustomCredential()
    );

After that, GetToken()/GetTokenAsync() will be called when necessary, so it's fine to appropriately provide the access token or similar. If you also pass the RefreshOn argument, it should handle the update process (including re-calls) as needed.

TokenCredential Class

Basically, it is less troublesome to use derived classes of TokenCredential provided by the SDK or DefaultAzureCredential, but this is another possible approach. As a side note, since DefaultAzureCredential chains credentials, if the operating environment is fixed, such as deploying on Azure in a Release build, it is more efficient to pass ManagedIdentityCredential or fix it without chaining, as this reduces overhead.

Credential chains in the Azure Identity library for .NET

Find the alternative solutions about cloud-based load testing features

kosmos — Wed, 03 Jun 2020 20:22:05 +0000

Last year, Microsoft said discontinue cloud-based load testing features in Microsoft services such as Visual Studio and Azure DevOps.

Cloud-based load testing features will be retired on March 31, 2020

If you want to alternative solution and you like Apache JMeter, you can get our solutions from Azure Marketplace.

This service provide Apache JMeter server to your environment on Azure. You can start load test easily after deploy process. If you want to high-load, you will chose multiple remote servers version. You do not need complicated configure for servers.

How to use

Let's enjoy cloud-based load testing.

Is your Visual Studio using hardware graphics acceleration in Visual Studio?

kosmos — Mon, 08 Jul 2019 19:11:32 +0000

Recent versions Visual Studio can support hardware graphics acceleration. In normally, that is automatically enabled it in your computer if your computer can support GPU. However some situation doesn't enabled it automatically when has enabled Hyper-V in your computer.

Fig.1: Automatically option is enable, but Visual Studio using software rendering.

If your computer can use GPU and enabled Hyper-V, you should checked off "Automatically adjust visual experience based on client performance", and checked on "Use hardware graphics acceleration if available".

This issue is known issue in VSteam. I'm looking forward to fix it. :)

Visual Studio developer community

DEV Community: kosmos

Handle authentication when using Azure SDKs in .NET (C#)

Find the alternative solutions about cloud-based load testing features

Is your Visual Studio using hardware graphics acceleration in Visual Studio?