-
Notifications
You must be signed in to change notification settings - Fork 824
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AzIdentity with Cache - logout? #23499
Comments
Thank you for your feedback. Tagging and routing to the team member best able to assist. |
Neither azidentity nor its underlying cache implementation has an API for logging users in or out because applications decide whether a user is logged in or not. azidentity only authenticates users, and the cache is just a simple data store; neither has a concept of a "logged in" user. azidentity does require an AuthenticationRecord to access persisted user data, so at the application level "logging in" means authenticating a user and storing an AuthenticationRecord, and "logging out" means deleting deleting it. Is it important for your application to actually delete cached data when a user logs out? |
Hi @DariuszPorowski. Thank you for opening this issue and giving us the opportunity to assist. To help our team better understand your issue and the details of your scenario please provide a response to the question asked above or the information requested above. This will help us more accurately address your issue. |
Hi @chlowell, everything regarding AzIdentity being stateless is understood. Let me outline the scenario. I have a CLI tool named mytool. When I execute |
Why do you need to delete the data? Sure, it's sensitive, but it's encrypted and the OS protects it from other users. |
Hi @DariuszPorowski. Thank you for opening this issue and giving us the opportunity to assist. To help our team better understand your issue and the details of your scenario please provide a response to the question asked above or the information requested above. This will help us more accurately address your issue. |
Hi @DariuszPorowski, we're sending this friendly reminder because we haven't heard back from you in 7 days. We need more information about this issue to help address it. Please be sure to give us your input. If we don't hear back from you within 14 days of this comment the issue will be automatically closed. Thank you! |
Hi there
I am trying caching (1.8.0-beta.3) for user context authentication - so far looks good. But I wonder how to do "logout"?
I assume that simply deleting the cache file does not solve the problem (it only contains user metadata) and the rest is in the encryption facility. So how to do "logout" and remove stuff from the encryption facility according to the user's operating system?
The text was updated successfully, but these errors were encountered: