MSAL client type
Confidential
Problem Statement
Task type
Development
Description
Title
Support forwarding MSAL client metadata headers through IMDS to ESTS
Description
Enable MSAL to send client metadata headers to IMDS on Managed Identity token requests, along with Metadata: true. IMDS should accept these headers and forward the corresponding values on the downstream ESTS token request.
Headers
Metadata: truex-client-skux-client-verclient-request-id
Example
x-client-sku: MSI.IMDS.Prod-AzureSDKx-client-ver: 10.2.1456-2019-08-01-1.11.3client-request-id: 11111111-2222-3333-4444-555555555555
Expected flow
- MSAL → IMDS: sends
Metadata: true, x-client-sku, x-client-ver, and client-request-id
- IMDS → ESTS: forwards the corresponding client metadata headers
Acceptance Criteria
- IMDS accepts
x-client-sku, x-client-ver, and client-request-id from MSAL requests
- IMDS preserves
Metadata: true handling as it does today
- IMDS forwards the client metadata headers on the ESTS token request
- Header forwarding is validated with a test or trace showing the end-to-end flow
Solution
No response
Proposed solution
No response
MSAL client type
Confidential
Problem Statement
Task type
Development
Description
Title
Support forwarding MSAL client metadata headers through IMDS to ESTS
Description
Enable MSAL to send client metadata headers to IMDS on Managed Identity token requests, along with
Metadata: true. IMDS should accept these headers and forward the corresponding values on the downstream ESTS token request.Headers
Metadata: truex-client-skux-client-verclient-request-idExample
x-client-sku: MSI.IMDS.Prod-AzureSDKx-client-ver: 10.2.1456-2019-08-01-1.11.3client-request-id: 11111111-2222-3333-4444-555555555555Expected flow
Metadata: true,x-client-sku,x-client-ver, andclient-request-idAcceptance Criteria
x-client-sku,x-client-ver, andclient-request-idfrom MSAL requestsMetadata: truehandling as it does todaySolution
No response
Proposed solution
No response