You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Allow Data API builder to read a development token from SQL_ACCESS_TOKEN and assign it to SqlConnection.AccessToken.
Important
This feature is explicitly scoped to development mode. Never use in production.
Why
When DAB runs in Docker, normal Entra credential chains often fail. Some SQL endpoints, such as Fabric SQL, require token authentication. This feature provides a development token override so containerized development works without changing production authentication.
How
No change to the configuration file.
No change to the command-line.
At connection creation:
if (development mode &&
not OBO &&
Entra authentication &&
SQL_ACCESS_TOKEN exists)
{
connection.AccessToken = SQL_ACCESS_TOKEN
connection.Pooling = false
}
Important
The env var is re-read on every connection open (never cached).
Note
In a pooled scenario, you might not see a clean error. So, we disable pooling.
Logging
When properly invoked:
[INFO] Using SQL_ACCESS_TOKEN for connection (development mode)
When prerequisites are not met:
[WARN] SQL_ACCESS_TOKEN set but requirements are not met — token ignored
Rules
only when the connection string uses Microsoft Entra authentication: Active Directory Default, Active Directory Managed Identity, Active Directory Workload Identity only.
only when the OBO flow is not being used
only when SQL_ACCESS_TOKEN exists
only when runtime.host.mode=development
always allow the engine to start
let the database raise connection errors if the token is invalid
do not cache the token, re-read it every time a connection is opened
What
Allow Data API builder to read a development token from
SQL_ACCESS_TOKENand assign it toSqlConnection.AccessToken.Important
This feature is explicitly scoped to development mode. Never use in production.
Why
When DAB runs in Docker, normal Entra credential chains often fail. Some SQL endpoints, such as Fabric SQL, require token authentication. This feature provides a development token override so containerized development works without changing production authentication.
How
At connection creation:
Important
The env var is re-read on every connection open (never cached).
Note
In a pooled scenario, you might not see a clean error. So, we disable pooling.
Logging
When properly invoked:
When prerequisites are not met:
Rules
Active Directory Default,Active Directory Managed Identity,Active Directory Workload Identityonly.OBOflow is not being usedSQL_ACCESS_TOKENexistsruntime.host.mode=development