Change samples to use DefaultAzureCredential (#5183)

* Change samples to use `DefaultAzureCredential`

* Missed instance

* Oaep

---------

Co-authored-by: Anton Kolesnyk <antkmsft@users.noreply.github.com>

.vscode/cspell.json

@@ -150,6 +150,7 @@
     "nostd",
     "nread",
     "NTSTATUS",
+    "Oaep",
     "OIDC",
     "okhttp",
     "opentelemetry",

samples/integration/vcpkg-all-smoke/src/main.cpp

@@ -30,9 +30,6 @@ using namespace Azure::Security::Attestation;
 
 int main()
 {
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
   const std::string leaseID = "leaseID";
   const std::string smokeUrl = "https://blob.com";
   // Creating an attestation service instance requires contacting the attestation service (to
@@ -40,8 +37,7 @@ int main()
   // available) as an anonymous service instance.
   const std::string attestationUrl = "https://sharedwus.wus.attest.azure.net";
 
-  auto credential
-      = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   // instantiate the clients
   try

sdk/attestation/azure-security-attestation/README.md

@@ -116,8 +116,7 @@ authentication, the documentation for that API will reflect that the attestation
 
 To interact with the authenticated APIs supported by the Azure Attestation service, your client must present an Azure Active Directory bearer token to the service.
 
-The simplest way of providing a bearer token is to use the  `ClientSecretCredential` authentication method by providing client secret credentials is being used in this
-getting started section, but you can find more ways to authenticate with [azure-identity][azure_identity].
+The simplest way of providing a bearer token is to use the `DefaultAzureCredential` authentication method is being used in this getting started section, but you can find more ways to authenticate with [azure-identity][azure_identity].
 
 ## Key concepts
 
@@ -219,8 +218,7 @@ If the attestation APIs require authentication, use the following:
 ```cpp
 std::string endpoint = std::getenv("ATTESTATION_AAD_URL");
 std::shared_ptr<Azure::Core::Credentials::TokenCredential> credential
-    = std::make_shared<Azure::Identity::ClientSecretCredential>(
-      std::getenv("AZURE_TENANT_ID"), std::getenv("AZURE_CLIENT_ID"), std::getenv("AZURE_CLIENT_SECRET"));
+    = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 auto client = Azure::Security::Attestation::AttestationClient::Create(m_endpoint, credential);
 ```
 
@@ -265,8 +263,7 @@ All administrative clients are authenticated.
 ```cpp
 std::string endpoint = std::getenv("ATTESTATION_AAD_URL");
 std::shared_ptr<Azure::Core::Credentials::TokenCredential> credential
-      = std::make_shared<Azure::Identity::ClientSecretCredential>(
-          std::getenv("AZURE_TENANT_ID"), std::getenv("AZURE_CLIENT_ID"), std::getenv("AZURE_CLIENT_SECRET"));
+      = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 AttestationAdministrationClient adminClient(AttestationAdministrationClient::Create(m_endpoint, credential));
 ```
 

sdk/attestation/azure-security-attestation/samples/attestation/attest_openenclave_shared.cpp

@@ -10,14 +10,6 @@
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
  * - LOCATION_SHORT_NAME:  Specifies the short name of an Azure region to use for shared mode
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account. Used for authenticated calls to the
- * attestation service.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request. Used for authenticated calls to
- * the attestation service.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request. Used for authenticated calls to
- * the attestation service.
- * - AZURE_CLIENT_SECRET: The client secret. Used for authenticated calls to the attestation
- * service.
  *
  */
 

sdk/attestation/azure-security-attestation/samples/attestation/attest_openenclave_with_draft_policy.cpp

@@ -10,14 +10,6 @@
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
  * - LOCATION_SHORT_NAME:  Specifies the short name of an Azure region to use for shared mode
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account. Used for authenticated calls to the
- * attestation service.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request. Used for authenticated calls to
- * the attestation service.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request. Used for authenticated calls to
- * the attestation service.
- * - AZURE_CLIENT_SECRET: The client secret. Used for authenticated calls to the attestation
- * service.
  *
  */
 

sdk/attestation/azure-security-attestation/samples/attestation/attest_sgxenclave.cpp

@@ -10,14 +10,6 @@
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
  * - LOCATION_SHORT_NAME:  Specifies the short name of an Azure region to use for shared mode
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account. Used for authenticated calls to the
- * attestation service.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request. Used for authenticated calls to
- * the attestation service.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request. Used for authenticated calls to
- * the attestation service.
- * - AZURE_CLIENT_SECRET: The client secret. Used for authenticated calls to the attestation
- * service.
  *
  */
 

sdk/attestation/azure-security-attestation/samples/attestation/attest_sgxenclave_with_runtime_binary.cpp

@@ -10,14 +10,6 @@
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
  * - LOCATION_SHORT_NAME:  Specifies the short name of an Azure region to use for shared mode
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account. Used for authenticated calls to the
- * attestation service.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request. Used for authenticated calls to
- * the attestation service.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request. Used for authenticated calls to
- * the attestation service.
- * - AZURE_CLIENT_SECRET: The client secret. Used for authenticated calls to the attestation
- * service.
  *
  */
 

sdk/attestation/azure-security-attestation/samples/attestation/attest_sgxenclave_with_runtime_json.cpp

@@ -10,14 +10,6 @@
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
  * - LOCATION_SHORT_NAME:  Specifies the short name of an Azure region to use for shared mode
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account. Used for authenticated calls to the
- * attestation service.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request. Used for authenticated calls to
- * the attestation service.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request. Used for authenticated calls to
- * the attestation service.
- * - AZURE_CLIENT_SECRET: The client secret. Used for authenticated calls to the attestation
- * service.
  *
  */
 

sdk/attestation/azure-security-attestation/samples/basic-operations/create_admin_client.cpp

@@ -9,9 +9,6 @@
  * - ATTESTATION_AAD_URL:  Points to an Attestation Service Instance in AAD mode.
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  * Note that the administration client MUST be authenticated.
  *
@@ -35,10 +32,7 @@ int main()
   try
   {
     // create client
-    auto const credential = std::make_shared<Azure::Identity::ClientSecretCredential>(
-        GetEnvHelper::GetEnv("AZURE_TENANT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_SECRET"));
+    auto const credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
     AttestationAdministrationClient const adminClient(AttestationAdministrationClient::Create(
         GetEnvHelper::GetEnv("ATTESTATION_AAD_URL"), credential));
 

sdk/attestation/azure-security-attestation/samples/basic-operations/get_open-id_metadata.cpp

@@ -3,15 +3,12 @@
 
 /**
  * @brief This sample provides the code implementation to use the Attestation SDK client
- * for C++ to retrieve the OpenID metadata for an endpoint..
+ * for C++ to retrieve the OpenID metadata for an endpoint.
  *
  * @remark The following environment variables must be set before running the sample.
  * - ATTESTATION_AAD_URL:  Points to an Attestation Service Instance in AAD mode.
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 

sdk/attestation/azure-security-attestation/samples/basic-operations/get_signing_certificates.cpp

@@ -3,15 +3,12 @@
 
 /**
  * @brief This sample provides the code implementation to use the Attestation SDK client
- * for C++ to retrieve the OpenID metadata for an endpoint..
+ * for C++ to retrieve the OpenID metadata for an endpoint.
  *
  * @remark The following environment variables must be set before running the sample.
  * - ATTESTATION_AAD_URL:  Points to an Attestation Service Instance in AAD mode.
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 

sdk/attestation/azure-security-attestation/samples/policy-certificates/add_policy_certificate.cpp

@@ -17,9 +17,6 @@
  * - ISOLATED_SIGNING_CERTIFICATE: An X.509 certificate which wraps the ISOLATED_SIGNING_KEY.
  * - POLICY_SIGNING_CERTIFICATE_0: An X.509 certificate which will be added to the set of policy
  * management certificates.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 
@@ -46,10 +43,7 @@ int main()
   try
   {
     // create an administration client
-    auto const credential = std::make_shared<Azure::Identity::ClientSecretCredential>(
-        GetEnvHelper::GetEnv("AZURE_TENANT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_SECRET"));
+    auto const credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
     AttestationAdministrationClient adminClient(AttestationAdministrationClient::Create(
         GetEnvHelper::GetEnv("ATTESTATION_ISOLATED_URL"), credential));
 

sdk/attestation/azure-security-attestation/samples/policy-certificates/get_policy_certificates.cpp

@@ -12,9 +12,6 @@
  * @remark The following environment variables must be set before running the sample.
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 
@@ -41,10 +38,7 @@ int main()
   try
   {
     // create an administration client
-    auto const credential = std::make_shared<Azure::Identity::ClientSecretCredential>(
-        GetEnvHelper::GetEnv("AZURE_TENANT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_SECRET"));
+    auto const credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
     AttestationAdministrationClient adminClient(AttestationAdministrationClient::Create(
         GetEnvHelper::GetEnv("ATTESTATION_ISOLATED_URL"), credential));
 

sdk/attestation/azure-security-attestation/samples/policy/get_policy.cpp

@@ -8,9 +8,6 @@
  * @remark The following environment variables must be set before running the sample.
  * - ATTESTATION_AAD_URL:  Points to an Attestation Service Instance in AAD mode.
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 
@@ -35,10 +32,7 @@ int main()
   try
   {
     // create an administration client
-    auto const credential = std::make_shared<Azure::Identity::ClientSecretCredential>(
-        GetEnvHelper::GetEnv("AZURE_TENANT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_SECRET"));
+    auto const credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
     AttestationAdministrationClient adminClient(AttestationAdministrationClient::Create(
         GetEnvHelper::GetEnv("ATTESTATION_AAD_URL"), credential));

sdk/attestation/azure-security-attestation/samples/policy/reset_policy.cpp

@@ -10,9 +10,6 @@
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
  * - LOCATION_SHORT_NAME:  Specifies the short name of an Azure region to use for shared mode
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 
@@ -50,10 +47,7 @@ int main()
     clientOptions.TokenValidationOptions.TimeValidationSlack = 10s;
 
     // create client
-    auto const credential = std::make_shared<Azure::Identity::ClientSecretCredential>(
-        GetEnvHelper::GetEnv("AZURE_TENANT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_SECRET"));
+    auto const credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
     AttestationAdministrationClient const adminClient(
         AttestationAdministrationClient::Create(endpoint, credential, clientOptions));
 

sdk/attestation/azure-security-attestation/samples/policy/reset_sealed_policy.cpp

@@ -7,9 +7,6 @@
  *
  * @remark The following environment variables must be set before running the sample.
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  * - ISOLATED_SIGNING_KEY: A Base64 encoded DER encoded RSA private key which matches the private
  * key used when creating the ATTESTATION_ISOLATED_URL.
  * - ISOLATED_SIGNING_CERTIFICATE: A Base64 encoded X.509 certificate wrapping the public key of the
@@ -53,10 +50,7 @@ int main()
     clientOptions.TokenValidationOptions.TimeValidationSlack = 10s;
 
     // create client
-    auto const credential = std::make_shared<Azure::Identity::ClientSecretCredential>(
-        GetEnvHelper::GetEnv("AZURE_TENANT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_SECRET"));
+    auto const credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
     AttestationAdministrationClient const adminClient(
         AttestationAdministrationClient::Create(endpoint, credential, clientOptions));
 

sdk/attestation/azure-security-attestation/samples/policy/set_policy.cpp

@@ -10,9 +10,6 @@
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
  * - LOCATION_SHORT_NAME:  Specifies the short name of an Azure region to use for shared mode
  * operations.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 
@@ -54,10 +51,7 @@ int main()
     clientOptions.TokenValidationOptions.TimeValidationSlack = 10s;
 
     // create client
-    auto const credential = std::make_shared<Azure::Identity::ClientSecretCredential>(
-        GetEnvHelper::GetEnv("AZURE_TENANT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_SECRET"));
+    auto const credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
     AttestationAdministrationClient const adminClient(
         AttestationAdministrationClient::Create(endpoint, credential, clientOptions));
 

sdk/attestation/azure-security-attestation/samples/policy/set_sealed_policy.cpp

@@ -7,9 +7,6 @@
  *
  * @remark The following environment variables must be set before running the sample.
  * - ATTESTATION_ISOLATED_URL:  Points to an Attestation Service Instance in Isolated mode.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  * - ISOLATED_SIGNING_KEY: A Base64 encoded DER encoded RSA private key which matches the private
  * key used when creating the ATTESTATION_ISOLATED_URL.
  * - ISOLATED_SIGNING_CERTIFICATE: A Base64 encoded X.509 certificate wrapping the public key of the
@@ -59,10 +56,7 @@ int main()
     clientOptions.TokenValidationOptions.TimeValidationSlack = 10s;
 
     // create client
-    auto const credential = std::make_shared<Azure::Identity::ClientSecretCredential>(
-        GetEnvHelper::GetEnv("AZURE_TENANT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_ID"),
-        GetEnvHelper::GetEnv("AZURE_CLIENT_SECRET"));
+    auto const credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
     AttestationAdministrationClient const adminClient(
         AttestationAdministrationClient::Create(endpoint, credential, clientOptions));
 

sdk/core/azure-core-amqp/samples/internal/eventhub_get_properties_sample/eventhub_get_eventhub_properties_sample.cpp

@@ -5,7 +5,7 @@
 #include <azure/core/amqp/internal/connection_string_credential.hpp>
 #include <azure/core/amqp/internal/management.hpp>
 #include <azure/core/amqp/internal/message_sender.hpp>
-#include <azure/identity/client_secret_credential.hpp>
+#include <azure/identity.hpp>
 
 #include <chrono>
 #include <iostream>
@@ -172,10 +172,7 @@ int main()
 
   // Establish the connection to the eventhub.
 
-  auto credential{std::make_shared<Azure::Identity::ClientSecretCredential>(
-      std::getenv("SAMPLES_TENANT_ID"),
-      std::getenv("SAMPLES_CLIENT_ID"),
-      std::getenv("SAMPLES_CLIENT_SECRET"))};
+  auto credential{std::make_shared<Azure::Identity::DefaultAzureCredential>()};
 
   Azure::Core::Amqp::_internal::ConnectionOptions connectionOptions;
   connectionOptions.ContainerId = "some";

sdk/core/azure-core-amqp/samples/internal/eventhub_token_writer_sample/eventhub_token_writer_sample.cpp

@@ -5,7 +5,7 @@
 #include <azure/core/amqp/internal/connection_string_credential.hpp>
 #include <azure/core/amqp/internal/message_sender.hpp>
 #include <azure/core/credentials/credentials.hpp>
-#include <azure/identity/client_secret_credential.hpp>
+#include <azure/identity.hpp>
 
 #include <chrono>
 #include <iostream>
@@ -32,10 +32,7 @@ int main()
   }
 
   // Establish credentials for the eventhub client.
-  auto credential{std::make_shared<Azure::Identity::ClientSecretCredential>(
-      std::getenv("SAMPLES_TENANT_ID"),
-      std::getenv("SAMPLES_CLIENT_ID"),
-      std::getenv("SAMPLES_CLIENT_SECRET"))};
+  auto credential{std::make_shared<Azure::Identity::DefaultAzureCredential>()};
 
   Azure::Core::Amqp::_internal::ConnectionOptions connectionOptions;
   connectionOptions.ContainerId = "some";

sdk/eventhubs/azure-messaging-eventhubs/samples/README.md

@@ -10,12 +10,6 @@ variables have been set by the user:
 * EVENTHUBS_CONNECTION_STRING - The service connection string for the eventhubs instance.
 * EVENTHUB_NAME - Name of the eventhubs instance to communicate with.
 * EVENTHUBS_HOST - Fully qualified domain name for the eventhubs instance.
-* AZURE_TENANT_ID - The tenant ID for the user or service principal which has
-been granted access to the eventhubs service instance.
-* AZURE_CLIENT_ID - The client ID for the user or service principal which has been 
-granted access to the eventhubs service instance.
-* AZURE_CLIENT_SECRET - The client secret for the user or service principal
-  which has been granted access to the eventhubs service instance.
 
 The tests also assume that the currently logged on user is authorized to call
 into the Event Hubs service instance because they use [Azure::Core::Credentials::TokenCredential](https://azuresdkdocs.blob.core.windows.net/$web/cpp/azure-core/1.3.1/class_azure_1_1_core_1_1_credentials_1_1_token_credential.html) for authorization.

sdk/eventhubs/azure-messaging-eventhubs/samples/basic-operations/create_consumer_aad.cpp

@@ -8,17 +8,10 @@
 // * EVENTHUBS_HOST - contains the fully qualified domain name for the eventhub service instance.
 // * EVENTHUB_NAME - the name of the Event Hub instance.
 //
-// The following environment variables are required to authenticate the request using
-// Azure::Identity::EnvironmentCredential:
-// * AZURE_CLIENT_ID - the application client ID used to authenticate the request.
-// * AZURE_TENANT_ID - the tenant ID or domain used to authenticate the request.
-// * AZURE_CLIENT_SECRET - the application client secret used to authenticate the request.
-//
 // Both of these should be available from the Azure portal.
 //
 
-#include <azure/identity/client_secret_credential.hpp>
-#include <azure/identity/environment_credential.hpp>
+#include <azure/identity.hpp>
 #include <azure/messaging/eventhubs.hpp>
 
 #include <iostream>
@@ -38,8 +31,7 @@ int main()
     return 1;
   }
 
-  std::shared_ptr<Azure::Core::Credentials::TokenCredential> credential
-      = std::make_shared<Azure::Identity::EnvironmentCredential>();
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   Azure::Messaging::EventHubs::ConsumerClient consumerClient(
       eventhubsHost, eventhubName, credential);

sdk/eventhubs/azure-messaging-eventhubs/samples/basic-operations/create_producer_aad.cpp

@@ -11,15 +11,9 @@
 // * EVENTHUBS_HOST - contains the fully qualified domain name for the eventhub service instance.
 // * EVENTHUB_NAME - the name of the Event Hub instance.
 //
-// The following environment variables are required to authenticate the request using
-// Azure::Identity::EnvironmentCredential:
-// * AZURE_CLIENT_ID - the application client ID used to authenticate the request.
-// * AZURE_TENANT_ID - the tenant ID or domain used to authenticate the request.
-// * AZURE_CLIENT_SECRET - the application client secret used to authenticate the request.
-//
 // Both of these should be available from the Azure portal.
 //
-#include <azure/identity/environment_credential.hpp>
+#include <azure/identity.hpp>
 #include <azure/messaging/eventhubs.hpp>
 
 #include <iostream>
@@ -39,8 +33,7 @@ int main()
     return 1;
   }
 
-  std::shared_ptr<Azure::Core::Credentials::TokenCredential> credential
-      = std::make_shared<Azure::Identity::EnvironmentCredential>();
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   Azure::Messaging::EventHubs::ProducerClient producerClient(
       eventhubsHost, eventhubName, credential);

sdk/eventhubs/azure-messaging-eventhubs/samples/consume-events/consume_events_aad.cpp

@@ -10,15 +10,8 @@
 //
 // Both of these should be available from the Azure portal.
 //
-// In addition, the following environment variables are required to authenticate the request using
-// Azure::Identity::EnvironmentCredential:
-// * AZURE_TENANT_ID - contains the tenant id used to authenticate the request.
-// * AZURE_CLIENT_ID - contains the client id used to authenticate the request.
-// * AZURE_CLIENT_SECRET - contains the client secret used to authenticate the request.
 
-//
-
-#include <azure/identity/environment_credential.hpp>
+#include <azure/identity.hpp>
 #include <azure/messaging/eventhubs.hpp>
 
 #include <iostream>
@@ -38,8 +31,7 @@ int main()
     return 1;
   }
 
-  std::shared_ptr<Azure::Core::Credentials::TokenCredential> credential
-      = std::make_shared<Azure::Identity::EnvironmentCredential>();
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   Azure::Messaging::EventHubs::ConsumerClient consumerClient(
       eventhubsHost, eventhubName, credential);

sdk/eventhubs/azure-messaging-eventhubs/samples/produce-events/produce_events_aad.cpp

@@ -10,12 +10,6 @@
 //
 // Both of these should be available from the Azure portal.
 //
-// In addition, the following environment variables are required to authenticate the request using
-// Azure::Identity::EnvironmentCredential:
-// * AZURE_TENANT_ID - contains the tenant id used to authenticate the request.
-// * AZURE_CLIENT_ID - contains the client id used to authenticate the request.
-// * AZURE_CLIENT_SECRET - contains the client secret used to authenticate the request.
-//
 
 #include <azure/identity.hpp>
 #include <azure/messaging/eventhubs.hpp>
@@ -37,8 +31,7 @@ int main()
     return 1;
   }
 
-  std::shared_ptr<Azure::Core::Credentials::TokenCredential> credential
-      = std::make_shared<Azure::Identity::EnvironmentCredential>();
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   Azure::Messaging::EventHubs::ProducerClient producerClient(
       eventhubsHost, eventhubName, credential);

sdk/keyvault/azure-security-keyvault-administration/README.md

@@ -97,11 +97,8 @@ For detailed samples please review the code provided.
 
 To get all the available settings present on the Keyvault instance we will first create a client : 
 ```cpp
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
   auto credential
-      = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+      = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   // create client
   SettingsClient settingsClient(std::getenv("AZURE_KEYVAULT_HSM_URL"), credential);

sdk/keyvault/azure-security-keyvault-administration/samples/sample1_administration.md

@@ -7,16 +7,11 @@ To get started, you'll need a URI to an Azure Key Vault HSM.
 
 To create a new `SettingsClient` to access settings, you need the endpoint to an Azure Key Vault HSM and credentials.
 
-Key Vault Settings client for C++ currently supports the `ClientSecretCredential` for authenticating.
-
-In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
+Key Vault Settings client for C++ currently supports any `TokenCredential` for authenticating.
 
 ```cpp Snippet:SampleAdministration1CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
   auto credential
-      = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+      = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-administration/test/samples/sample1-basic-operations/sample1_administration.cpp

@@ -7,9 +7,6 @@
  *
  * @remark The following environment variables must be set before running the sample.
  * - AZURE_KEYVAULT_HSM_URL:  To the Key Vault HSM URL.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 
@@ -24,11 +21,7 @@ using namespace std::chrono_literals;
 
 int main()
 {
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential
-      = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   // create client
   SettingsClient settingsClient(std::getenv("AZURE_KEYVAULT_HSM_URL"), credential);

sdk/keyvault/azure-security-keyvault-certificates/README.md

@@ -53,15 +53,10 @@ For detailed samples please review the samples provided.
 
 To create a new `CertificateClient` to create, get, update, or delete certificates, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Certificate client for C++ currently supports the `ClientSecretCredential` for authenticating.
-
-In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
+Key Vault Certificate client for C++ currently supports any `TokenCredential` for authenticating.
 
 ```cpp Snippet:CertificateSample1CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_basic_operations.md

@@ -14,15 +14,10 @@ To get started, you'll need a URI to an Azure Key Vault.
 
 To create a new `CertificateClient` to create, get, update, or delete certificates, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Certificate client for C++ currently supports the `ClientSecretCredential` for authenticating.
-
-In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
+Key Vault Certificate client for C++ currently supports any `TokenCredential` for authenticating.
 
 ```cpp Snippet:CertificateSample1CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_get_certificates.md

@@ -15,15 +15,10 @@ To get started, you'll need a URI to an Azure Key Vault.
 
 To create a new `CertificateClient` to create, get, update, or delete certificates, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Certificate client for C++ currently supports the `ClientSecretCredential` for authenticating.
-
-In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
+Key Vault Certificate client for C++ currently supports any `TokenCredential` for authenticating.
 
 ```cpp Snippet:CertificateSample2CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_import_certificate.md

@@ -7,15 +7,10 @@ To get started, you'll need a URI to an Azure Key Vault.
 
 To create a new `CertificateClient` to create, get, update, or delete certificates, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Certificate client for C++ currently supports the `ClientSecretCredential` for authenticating.
-
-In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
+Key Vault Certificate client for C++ currently supports any `TokenCredential` for authenticating.
 
 ```cpp Snippet:CertificateSample3CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-keys/README.md

@@ -151,12 +151,11 @@ az keyvault security-domain download --hsm-name <your-key-vault-name> --sd-wrapp
 
 #### Create KeyClient
 
-Once you've populated the **AZURE_CLIENT_ID**, **AZURE_CLIENT_SECRET** and **AZURE_TENANT_ID** environment variables and replaced **your-vault-url** with the above returned URI, you can create the [KeyClient][key_client_class]:
+Once you've replaced **your-vault-url** with the above returned URI, you can create the [KeyClient][key_client_class]:
 
 ```cpp
-// Create a new key client using the default credential from Azure Identity using environment variables previously set,
-// including AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and AZURE_TENANT_ID.
-auto credential = std::make_shared<Azure::Identity::EnvironmentCredential>();
+// Create a new key client using the default credential from Azure Identity.
+auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 KeyClient client("AZURE_KEYVAULT_URL", credential);
 
 // Create a new key using the key client.
@@ -171,9 +170,8 @@ key = client.GetKey("key-name");
 Once you've created a `KeyVaultKey` in the Azure Key Vault, you can also create the [CryptographyClient][crypto_client_class]:
 
 ```cpp
-// Create a new cryptography client using the default credential from Azure Identity using environment variables previously set,
-// including AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and AZURE_TENANT_ID.
-auto credential = std::make_shared<Azure::Identity::EnvironmentCredential>();
+// Create a new cryptography client using the default credential from Azure Identity.
+auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 CryptographyClient cryptoClient(key.Id, credential);
 ```
 

sdk/keyvault/azure-security-keyvault-keys/samples/sample1_hello_world.md

@@ -7,15 +7,10 @@ To get started, you'll need a URI to an Azure Key Vault. See the [README](https:
 
 To create a new `KeyClient` to create, get, update, or delete keys, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Keys client for C++ currently supports the `ClientSecretCredential` for authenticating.
-
-In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables.
+Key Vault Keys client for C++ currently supports any `TokenCredential` for authenticating.
 
 ```cpp Snippet:KeysSample1CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-keys/samples/sample2_backup_and_restore.md

@@ -7,15 +7,12 @@ To get started, you'll need a URI to an Azure Key Vault. See the [README](https:
 
 To create a new `KeyClient` to create, get, update, or delete keys, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Keys client for C++ currently supports the `ClientSecretCredential` for authenticating.
+Key Vault Keys client for C++ currently supports any `TokenCredential` for authenticating.
 
 In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables.
 
 ```cpp Snippet:KeysSample1CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-keys/samples/sample3_get_keys.md

@@ -7,15 +7,12 @@ To get started, you'll need a URI to an Azure Key Vault. See the [README](https:
 
 To create a new `KeyClient` to create, get, update, or delete keys, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Keys client for C++ currently supports the `ClientSecretCredential` for authenticating.
+Key Vault Keys client for C++ currently supports any `TokenCredential` for authenticating.
 
 In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables.
 
 ```cpp Snippet:KeysSample1CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-keys/samples/sample4_encrypt_decrypt.md

@@ -7,15 +7,12 @@ To get started, you'll need a URL to an Azure Key Vault. See the [README](https:
 
 To create a new `KeyClient` to create, get, update, or delete keys, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Keys client for C++ currently supports the `ClientSecretCredential` for authenticating.
+Key Vault Keys client for C++ currently supports any `TokenCredential` for authenticating.
 
 In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables.
 
 ```cpp Snippet:KeysSample1CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-keys/samples/sample5_sign_verify.md

@@ -7,15 +7,12 @@ To get started, you'll need a URI to an Azure Key Vault. See the [README](https:
 
 To create a new `KeyClient` to create, get, update, or delete keys, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Keys client for C++ currently supports the `ClientSecretCredential` for authenticating.
+Key Vault Keys client for C++ currently supports any `TokenCredential` for authenticating.
 
 In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables.
 
 ```cpp Snippet:KeysSample1CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-keys/samples/sample6_wrap_unwrap.md

@@ -7,15 +7,12 @@ To get started, you'll need a URI to an Azure Key Vault. See the [README](https:
 
 To create a new `KeyClient` to create, get, update, or delete keys, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Keys client for C++ currently supports the `ClientSecretCredential` for authenticating.
+Key Vault Keys client for C++ currently supports any `TokenCredential` for authenticating.
 
 In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables.
 
 ```cpp Snippet:KeysSample6CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-keys/samples/sample7_key_rotation.md

@@ -7,15 +7,12 @@ To get started, you'll need a URI to an Azure Key Vault. See the [README](https:
 
 To create a new `KeyClient` to create, get, update, or delete keys, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Keys client for C++ currently supports the `ClientSecretCredential` for authenticating.
+Key Vault Keys client for C++ currently supports any `TokenCredential` for authenticating.
 
 In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables.
 
 ```cpp Snippet:KeysSample7CreateCredential
-auto tenantId = std::getenv("AZURE_TENANT_ID");
-auto clientId = std::getenv("AZURE_CLIENT_ID");
-auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-secrets/README.md

@@ -52,10 +52,7 @@ For detailed samples please review the samples provided.
 First step is to create  a SecretClient.
 
 ```cpp Snippet:SecretSample1CreateCredential
-auto tenantId = std::getenv("AZURE_TENANT_ID");
-auto clientId = std::getenv("AZURE_CLIENT_ID");
-auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
 // create client
 SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential);

sdk/keyvault/azure-security-keyvault-secrets/samples/sample1_basic_operations.md

@@ -7,15 +7,12 @@ To get started, you'll need a URI to an Azure Key Vault.
 
 To create a new `SecretClient` to create, get, update, or delete secrets, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Secrets client for C++ currently supports the `ClientSecretCredential` for authenticating.
+Key Vault Secrets client for C++ currently supports any `TokenCredential` for authenticating.
 
 In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
 
 ```cpp Snippet:SecretSample1CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-secrets/samples/sample2_backup_restore.md

@@ -7,15 +7,12 @@ To get started, you'll need a URI to an Azure Key Vault.
 
 To create a new `SecretClient` to create, get, update, or delete secrets, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Secrets client for C++ currently supports the `ClientSecretCredential` for authenticating.
+Key Vault Secrets client for C++ currently supports any `TokenCredential` for authenticating.
 
 In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
 
 ```cpp Snippet:SecretSample2CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-secrets/samples/sample3_delete_recover.md

@@ -6,15 +6,12 @@ This sample demonstrates how to delete and recover a deleted secret in Azure Key
 
 To create a new `SecretClient` to create, get, update, or delete secrets, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Secrets client for C++ currently supports the `ClientSecretCredential` for authenticating.
+Key Vault Secrets client for C++ currently supports any `TokenCredential` for authenticating.
 
 In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
 
 ```cpp Snippet:SecretSample3CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-secrets/samples/sample4_get_secrets_deleted.md

@@ -6,15 +6,12 @@ This sample demonstrates how to list all the secrets , all the versions of a sec
 
 To create a new `SecretClient` to create, get, update, or delete secrets, you need the endpoint to an Azure Key Vault and credentials.
 
-Key Vault Secrets client for C++ currently supports the `ClientSecretCredential` for authenticating.
+Key Vault Secrets client for C++ currently supports any `TokenCredential` for authenticating.
 
 In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
 
 ```cpp Snippet:SecretSample4CreateCredential
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 ```
 
 Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.

sdk/keyvault/azure-security-keyvault-secrets/test/samples/sample1-basic-operations/sample1_basic_operations.cpp

@@ -7,9 +7,6 @@
  *
  * @remark The following environment variables must be set before running the sample.
  * - AZURE_KEYVAULT_URL:  To the Key Vault account URL.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 
@@ -24,11 +21,7 @@ using namespace std::chrono_literals;
 
 int main()
 {
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential
-      = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   // create client
   SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential);

sdk/keyvault/azure-security-keyvault-secrets/test/samples/sample2-backup-restore/sample2_backup_restore.cpp

@@ -7,9 +7,6 @@
  *
  * @remark The following environment variables must be set before running the sample.
  * - AZURE_KEYVAULT_URL:  To the Key Vault account URL.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 
@@ -27,11 +24,7 @@ void AssertSecretsEqual(KeyVaultSecret const& expected, KeyVaultSecret const& ac
 
 int main()
 {
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential
-      = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   // create client
   SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential);

sdk/keyvault/azure-security-keyvault-secrets/test/samples/sample3-delete-recover/sample3_delete_recover.cpp

@@ -7,9 +7,6 @@
  *
  * @remark The following environment variables must be set before running the sample.
  * - AZURE_KEYVAULT_URL:  To the Key Vault account URL.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 
@@ -26,11 +23,7 @@ void AssertSecretsEqual(KeyVaultSecret const& expected, KeyVaultSecret const& ac
 
 int main()
 {
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential
-      = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   // create client
   SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential);

sdk/keyvault/azure-security-keyvault-secrets/test/samples/sample4-get-secrets-deleted/sample4_get_secrets_deleted.cpp

@@ -7,9 +7,6 @@
  *
  * @remark The following environment variables must be set before running the sample.
  * - AZURE_KEYVAULT_URL:  To the Key Vault account URL.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 
@@ -24,11 +21,7 @@ using namespace std::chrono_literals;
 
 int main()
 {
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential
-      = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   // create client
   SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential);

sdk/keyvault/tools/cleanup/src/cleanup.cpp

@@ -7,9 +7,6 @@
  *
  * @remark The following environment variables must be set before running the sample.
  * - AZURE_KEYVAULT_URL:  To the Key Vault account URL.
- * - AZURE_TENANT_ID:     Tenant ID for the Azure account.
- * - AZURE_CLIENT_ID:     The Client ID to authenticate the request.
- * - AZURE_CLIENT_SECRET: The client secret.
  *
  */
 
@@ -28,11 +25,7 @@ using namespace std::chrono_literals;
 
 int main()
 {
-  auto tenantId = std::getenv("AZURE_TENANT_ID");
-  auto clientId = std::getenv("AZURE_CLIENT_ID");
-  auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
-  auto credential
-      = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
+  auto credential = std::make_shared<Azure::Identity::DefaultAzureCredential>();
 
   SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential);
   KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential);

sdk/storage/MigrationGuide.md

@@ -65,7 +65,7 @@ v12
 A `TokenCredential` abstract class (different API surface than v7.5) exists in the [Azure Core](https://github.com/Azure/azure-sdk-for-cpp/tree/main/sdk/core/azure-core) package that all libraries of the new Azure SDK family depend on, and can be used to construct Storage clients. Implementations of this class can be found separately in the [Azure Identity](https://github.com/Azure/azure-sdk-for-cpp/tree/main/sdk/identity/azure-identity) package.
 
 ```cpp
-BlobServiceClient serviceClient(serviceUrl, std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret));
+BlobServiceClient serviceClient(serviceUrl, std::make_shared<Azure::Identity::DefaultAzureCredential>());
 ```
 
 #### SAS