MS-TDS with Azure Active Directory
Azure AD User Authentication
SQL clients that support Azure AD user authentication can be used with Azure Data Explorer.
.NET SQL Client (user)
For example, for integrated Azure AD:
var csb = new SqlConnectionStringBuilder()
{
InitialCatalog = "mydatabase",
Authentication = SqlAuthenticationMethod.ActiveDirectoryIntegrated,
DataSource = "mykusto.kusto.windows.net"
};
Kusto supports authentication with already obtained access token:
var csb = new SqlConnectionStringBuilder()
{
InitialCatalog = "mydatabase",
DataSource = "mykusto.kusto.windows.net"
};
using (var connection = new SqlConnection(csb.ToString()))
{
connection.AccessToken = accessToken;
await connection.OpenAsync();
}
JDBC (user)
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.ResultSetMetaData;
import java.sql.Statement;
import com.microsoft.sqlserver.jdbc.SQLServerDataSource;
import com.microsoft.aad.adal4j.*;
public class Sample {
public static void main(String[] args) throws Exception {
AuthenticationResult authenticationResult = futureAuthenticationResult.get();
SQLServerDataSource ds = new SQLServerDataSource();
ds.setServerName("<your cluster DNS name>");
ds.setDatabaseName("<your database name>");
ds.setHostNameInCertificate("*.kusto.windows.net"); // Or appropriate regional domain.
ds.setAuthentication("ActiveDirectoryIntegrated");
try (Connection connection = ds.getConnection();
Statement stmt = connection.createStatement();) {
ResultSet rs = stmt.executeQuery("<your T-SQL query>");
/*
Read query result.
*/
} catch (Exception e) {
System.out.println();
e.printStackTrace();
}
}
}
Azure AD Application Authentication
Azure AD application provisioned for Kusto can use SQL client libraries that support Azure AD for connecting to Kusto. For more information about Azure AD applications, see Creating an Azure AD Application.
.NET SQL Client (application)
Assuming you have provisioned Azure AD application with ApplicationClientId and ApplicationKey and granted it permissions to access database DatabaseName on cluster ClusterDnsName, the following sample demonstrates how to use .NET SQL Client for queries from this Azure AD application.
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using System;
using System.Data;
using System.Data.SqlClient;
namespace Sample
{
class Program
{
private static async Task<string> ObtainToken()
{
var authContext = new AuthenticationContext(
// Can also use tenant ID.
"https://login.microsoftonline.com/<your AAD tenant name>");
var applicationCredentials = new ClientCredential(
"<your application client ID>",
"<your application key>");
var result = await authContext.AcquireTokenAsync(
"https://<your cluster DNS name>",
applicationCredentials);
return result.AccessToken;
}
private static async Task QuerySample()
{
var csb = new SqlConnectionStringBuilder()
{
InitialCatalog = "<your database name>",
DataSource = "<your cluster DNS name>"
};
using (var connection = new SqlConnection(csb.ToString()))
{
connection.AccessToken = await ObtainToken();
await connection.OpenAsync();
using (var command = new SqlCommand(
"<your T-SQL query>",
connection))
{
var reader = await command.ExecuteReaderAsync();
/*
Read query result.
*/
}
}
}
}
}
JDBC (application)
import java.sql.*;
import com.microsoft.sqlserver.jdbc.*;
import com.microsoft.aad.adal4j.*;
public class Sample {
public static void main(String[] args) throws Throwable {
ExecutorService service = Executors.newFixedThreadPool(1);
// Can also use tenant name.
String url = "https://login.microsoftonline.com/<your AAD tenant ID>";
AuthenticationContext authenticationContext =
new AuthenticationContext(url, false, service);
ClientCredential clientCredential = new ClientCredential(
"<your application client ID>",
"<your application key>");
Future<AuthenticationResult> futureAuthenticationResult =
authenticationContext.acquireToken(
"https://<your cluster DNS name>",
clientCredential,
null);
AuthenticationResult authenticationResult = futureAuthenticationResult.get();
SQLServerDataSource ds = new SQLServerDataSource();
ds.setServerName("<your cluster DNS name>");
ds.setDatabaseName("<your database name>");
ds.setAccessToken(authenticationResult.getAccessToken());
connection = ds.getConnection();
statement = connection.createStatement();
ResultSet rs = statement.executeQuery("<your T-SQL query>");
/*
Read query result.
*/
}
}
Feedback
Submit and view feedback for