Sqlclient: Why `Microsoft.Data.SqlClient` has dependency to `Microsoft.Identity.Client`?

I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.

@cheenamalhotra Could you please transfer this issue to https://github.com/dotnet/sqlclient?

Tagging subscribers to this area: @roji, @ajcvickers
See info in area-owners.md if you want to be subscribed.

Hi @dehghani-mehdi

We use Microsoft.Identity.Client (MSAL for .NET) to support Azure Active Directory authentication modes:

• Active Directory Password
• Active Directory Integrated
• Active Directory Interactive
• Active Directory Service Principal

May I ask if you are facing any issues? Could you elaborate?

Hi @cheenamalhotra

Yes, the description of Microsoft.Identity.Client package is as follow:

This package contains the binaries of the Microsoft Authentication Library for .NET (MSAL.NET).
MSAL.NET makes it easy to obtain tokens from the Microsoft identity platform for developers (formally Azure AD v2.0) signing-in users with work & school accounts, Microsoft personal accounts and social identities Azure AD B2C. These tokens again access to Microsoft Cloud API and any other API secured by the Microsoft identity platform. This version supports adding authentication functionality to your .NET based client on Windows desktop (.NET 4.5+), UWP, .NET Core, Xamarin iOS and Xamarin Android.

But I'm wondering how identitcation is relevent here? Microsoft.Data.SqlClient is just a data provider, again here is description of this package:

Provides the data provider for SQL Server. These classes provide access to versions of SQL Server and encapsulate database-specific protocols, including tabular data stream (TDS)

Commonly Used Types:
Microsoft.Data.SqlClient.SqlConnection
Microsoft.Data.SqlClient.SqlException
Microsoft.Data.SqlClient.SqlParameter
Microsoft.Data.SqlClient.SqlDataReader
Microsoft.Data.SqlClient.SqlCommand
Microsoft.Data.SqlClient.SqlTransaction
Microsoft.Data.SqlClient.SqlParameterCollection
Microsoft.Data.SqlClient.SqlClientFactory

Why this low level package should worry about Active Directory, Azure and ...?

May I ask if you are facing any issues? Could you elaborate?

Sure, no, I didn't, but I think having unnecessary dll/dependency should consider as issue.

Hi @dehghani-mehdi

Driver's support for Active Directory authentication modes is built-in, i.e. another dependency is not needed in order to authenticate as: Active Directory Password/Integrated/Interactive/Service principal, authentication modes and more are to come. MSAL is the new library and has replaced ADAL library that was used by System.Data.SqlClient.

The federated authentication design has always been built-in and moving away from it would have caused a lot of disturbance in community for existing SqlClient customers hence we chose to keep it backwards compatible. It's not impossible to do but Azure SQL is as much important to us as SQL Server and is heavily used, thus AD authentication is available in the driver as-is.

Also NuGet does not have a concept of Optional dependencies like Maven (https://github.com/NuGet/Home/issues/686), otherwise it would have been a perfect candidate.

Closing as by design.

All issues could be closed as by desgin.