Azure SDK for JavaScript

This repository is for the Azure SDK for JavaScript (Node.js & Browser). It contains libraries for the breadth of Azure services. Management libraries are packages that you would use to provision and manage Azure resources. Client libraries are packages that you would use to consume these resources and interact with them.

Getting started

A few helpful resources to get started are:

• The readme for each package contains code samples and package information. This readme can be found in the corresponding package folder under the folder of the service of your choice in the /sdk folder of this repository. The same readme file can be found on the landing page for the package in npm.
• The API reference documentation of the latest versions of these packages, can be found at our public developer docs.
• The API reference documentation of older versions, can be found in our versioned developer docs.

Each service might have a number of libraries available from each of the following categories:

• Client
• Management

NOTE: Some of these packages have beta versions. If you need to ensure your code is ready for production, use one of the stable, non-beta packages.

Client

Given an Azure resource already exists, you would use the client libraries to consume it and interact with it. Most of these libraries follow the Azure SDK Design Guidelines for JavaScript & TypeScript and share a number of core functionalities such as retries, logging, transport protocols, authentication protocols, etc. Others will be updated in the near future to follow the guidelines as well.

To get a list of all client libraries that follow the new guidelines, please visit our Azure SDK releases page.

Management

Management libraries enable you to provision and manage Azure resources via the Azure Resource Manager i.e. ARM. You can recognize these libraries by @azure/arm- in their package names. These are purely auto-generated based on the swagger files that represent the APIs for resource management.

Newer versions of these libraries follow the Azure SDK Design Guidelines for TypeScript. These new versions provide a number of core capabilities that are shared amongst all Azure SDKs, including the intuitive Azure Identity library, an HTTP Pipeline with custom policies, error-handling, distributed tracing, and much more. A few helpful resources to get started with these are:

• List of management libraries that follow the new guidelines
• Documentation and code samples.
• Migration guide that shows how to transition from older versions of libraries.

NOTE: If you are experiencing authentication issues with the management libraries after upgrading certain packages, it's possible that you upgraded to the new versions of SDK without changing the authentication code, please refer to the migration guide mentioned above for proper instructions.

Need help?

• For detailed documentation, visit our Azure SDK for JavaScript documentation
• File an issue via GitHub Issues
• Check previous questions or ask new ones on StackOverflow using azure-sdk-js tag.
• Read our Support documentation.

Data Collection

The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described below. You can learn more about data collection and use in the help documentation and Microsoft’s privacy statement. For more information on the data collected by the Azure SDK, please visit the Telemetry Guidelines page.

Telemetry Configuration

Telemetry collection is on by default.

To opt out, you can disable telemetry at client construction. Create a custom HTTP pipeline policy that removes the user agent string, and then pass that policy into the additionalPolicies option during client creation. This will disable telemetry for all methods in the client. Do this for every new client.

The example below uses the @azure/keyvault-secrets package. In your code, you can replace @azure/keyvault-secrets with the package you are using.

1import { SecretClient } from "@azure/keyvault-secrets";
2import { ManagedIdentityCredential } from "@azure/identity";
3
4function removeUserAgentPolicy() {
5  return {
6    name: "removeUserAgentPolicy",
7    sendRequest(request, next) {
8      request.headers.delete("User-Agent");
9      return next(request);
10    },
11  };
12}
13
14/**
15 * Creates a SecretClient with managed identity authentication and empty user agent
16 * @param keyvaultUri - The URI of the Azure Key Vault
17 * @returns configured SecretClient instance
18 */
19function createSecretClientWithManagedIdentity(
20  keyvaultUri: string
21): SecretClient {
22  // Create ManagedIdentityCredential for managed identity authentication
23  const credential = new ManagedIdentityCredential();
24
25  // Create secret client with managed identity and empty user agent
26  const secretClient = new SecretClient(keyvaultUri, credential, {
27    additionalPolicies: [
28      {
29        position: "perCall",
30        policy: removeUserAgentPolicy(),
31      },
32    ],
33  });
34
35  return secretClient;
36}
37
38// Usage example
39const keyvaultUri = "https://your-keyvault-name.vault.azure.net";
40const secretClient = createSecretClientWithManagedIdentity(keyvaultUri);
41
42// Now you can use the secret client to perform operations
43// For example:
44// const secretValue = await secretClient.getSecret("your-secret-name");

Community

Try our community resources.

Reporting security issues and security bugs

Security issues and bugs should be reported privately, via email, to the Microsoft Security Response Center (MSRC) secure@microsoft.com. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Further information, including the MSRC PGP key, can be found in the Security TechCenter.

Contributing

For details on contributing to this repository, see the contributing guide.

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repositories using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.