Thanks for the feedback! We are currently investigating and will update you shortly.

@guillermoarellano We are assigning this to the author for reviewing this request.

@MarkusVi @priyamohanram Could you please get this reviewed with the engineering and have this page updated accordingly?

To clarify, CosmosDB does not support Azure AD authentication. They closed the feedback request, stating that you can use KeyVault as a jumping point for authenticating to CosmosDB. "

All of the services that support managed identity (e.g. VM, Function, App Service, etc) use Azure AD tokens, to authenticate to services like Storage, Key Vault, etc.

please-close

There is a trick to do it:
You can use the Azure Resource API to get the connection string using MSI.
Example in pseudo-python:

from msrestazure.azure_active_directory import MSIAuthentication
from azure.mgmt.resource import ResourceManagementClient
import requests
from pymongo import MongoClient

.........


        credentials = MSIAuthentication().token
        headers = {
            'Transfer-Encoding': 'chunked',
            'Authorization': 'Bearer ' + credentials["access_token"],
        }

        params = (
            ('api-version', '2015-04-08'),
        )

        response = requests.post('https://management.azure.com/subscriptions/<subid>/resourceGroups/<rg-name>/providers/Microsoft.DocumentDB/databaseAccounts/<cosmos-db>/listConnectionStrings', headers=headers, params=params)
        connection_string = json.loads(response.text)["connectionStrings"][0]["connectionString"]

..........

            client = MongoClient(connection_string)
            db=client.admin
            print(db.command("serverStatus"))

Can someone link the PR that fixed this? I've gone through most of the Cosmos DB docs and cannot find a code example.