Enabling Clients to Directly Retrieve Azure Tokens

You can set parameters to enable clients to directly retrieve Azure tokens on their own.

This feature is available in environments that use JDBC-thin clients, ODP.NET Core classes, or ODP.NET Managed Driver classes. It enables the client to display authentication requests to the user by using the following methods:

To enable this feature for either of these authentication request types, you must set the following parameters in either the client’s sqlnet.ora file or in a connect string. The connect string takes precedence over sqlnet.ora.

TOKEN_AUTH

Sets the token authentication. Enter one of the following values:

AZURE_CLIENT_ID

The unique application (client) ID assigned to your app by Azure AD when the app was registered. This app is your database client that will request to get an access token for the database for the user.

AZURE_DB_APP_ID_URI

The application ID URI is a URI that uniquely identifies the application in your Azure AD. You get this value from the overview screen of your database Azure AD app registration.

AZURE_TENANT_ID

Specifies the Azure tenancy ID of the database.