From 0977c3fa39e324712a6298337764a151b1af629a Mon Sep 17 00:00:00 2001 From: "Xiaofei Cao (from Dev Box)" Date: Thu, 23 Apr 2026 15:47:41 +0800 Subject: [PATCH] add reason for file-based auth removal --- sdk/resourcemanager/docs/MIGRATION_GUIDE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sdk/resourcemanager/docs/MIGRATION_GUIDE.md b/sdk/resourcemanager/docs/MIGRATION_GUIDE.md index 9c11c4b1811c..ddcec8d85f01 100644 --- a/sdk/resourcemanager/docs/MIGRATION_GUIDE.md +++ b/sdk/resourcemanager/docs/MIGRATION_GUIDE.md @@ -70,7 +70,7 @@ In addition to this change, the **support for using auth file has been removed** ```java Azure azure = Azure.authenticate(new File("my.azureauth")).withDefaultSubscription(); ``` -**In new version, this feature has been removed.** If this creates concern on your side, please file an issue to let us know. +**In new version, this feature has been removed and is not recommended.** File-based authentication relies on storing service principal credentials (such as client secrets) in a local file, which is considered insecure and discouraged by current Azure security best practices. If this creates concern on your side, please file an issue to let us know. For detailed information on the benefits of using the new authentication classes, please refer to [this page](https://github.com/Azure/azure-sdk-for-java/blob/main/sdk/resourcemanager/docs/AUTH.md)