[Feature] Azure CLI Credential Provider

[rwoll]

In order to avoid any use of PATs on macOS, I'd like to have the Credential Provider get tokens from the azure CLI as that's already logged in and have behavior that's generally inline with the DefaultAzureCredential provider class.

On Windows, the authentication broker works great and PAT-less, but on macOS it looks like there's not a good non-PAT option.

[embetten]

Can you describe your scenario further? Are you trying to use a managed identity as outlined in the DefaultAzureCredential docs or are you a user on a local macOS machine running into device code flow?

Native managed identity is currently supported with the ARTIFACTS_CREDENTIALPROVIDER_FEED_ENDPOINTS listed in our env variables.

[rwoll]

are you a user on a local macOS machine running into device code flow?

I'm a user on a local macOS screen. I'm not sure if I'm using Device Code Flow. I'm using the default when I do dotnet restore --interactive.

When I do this it kicks off an auth flow in my browser but then it ends up generating a PAT in ADO, and I'd like to avoid any PATs like it does on Windows.