Cloud sessions: non-interactive Azure CLI auth path
Context
I'm using Claude Code on the web (cloud sessions) for a solo build of a healthcare-billing SaaS on Azure. Phase 1 substrate provisioning uses Bicep + GitHub Actions OIDC, which works fine in cloud. Beyond that, every Phase 2+ task that wants ad-hoc Azure CLI introspection from a phone-driven cloud session hits the same wall: there's no path to authenticate az non-interactively in the cloud sandbox.
Cloud sessions can install az (my SessionStart hook handles this), but there's no az login device-code flow available, no service-principal credentials injected into the sandbox env, no federated identity assertion exposed.
Today's workaround stack
- Azure MCP server for read ops (authed via its own MCP-internal flow)
- GitHub Actions OIDC for write ops (deploy via PR +
workflow_dispatch) - Fall back to desktop session for ad-hoc
azwork
Acceptable for Phase 1 substrate, but Phase 2+ ad-hoc Azure work from a phone-driven cloud session is blocked.
Two viable shapes
- Federated identity credential — Claude Code on the web exposes an OIDC token issuer for cloud session identity. The user registers a federated credential on a service principal in their tenant trusting that issuer (with a subject claim like
claude-cloud-session:<environment-id>). SessionStart hook runsaz login --service-principal --federated-token <assertion>. Cleanest — no shared secrets.
- Environment-injected SP credentials — env-var injection for
AZURE_CLIENT_ID/AZURE_TENANT_ID/AZURE_CLIENT_SECRET(orAZURE_FEDERATED_TOKEN_FILE), same mechanism currently used forGH_TOKEN/GITHUB_MCP_PAT. Hook runsaz login --service-principalnon-interactively.
What I'd like to know
- Does cloud Claude Code expose an OIDC identity-token issuer for session identity (for shape 1)? If yes: issuer URL + subject claim format + audience to use for federation.
- If not, is the existing
GH_TOKEN-style env-secret injection extensible to multiple Azure-SP variables (for shape 2)? - Roadmap timing if neither is available today.
Preference: shape 1 if available; shape 2 acceptable fallback. Both flow through a SessionStart hook (ensure_az_auth parallel to ensure_gh_auth).
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗