Files
vscode/extensions/microsoft-authentication
Tyler James Leonhardt dd668b452b Restrict sovereign-cloud config in untrusted workspaces (#324853)
Mark microsoft-sovereign-cloud.environment and .customEnvironment as
restrictedConfigurations so their workspace-level values are ignored in
untrusted workspaces. These settings feed the MSAL authority/endpoint
URLs, so an attacker-supplied folder must not be able to override them
in Restricted Mode.

This requires switching untrustedWorkspaces.supported from `true` to
`limited`, since restrictedConfigurations is only honored for `limited`
support (see configurationExtensionPoint.ts).

Fixes microsoft/vscode-internalbacklog#8355

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-07-08 01:30:20 +00:00
..
2026-04-08 20:49:29 -07:00

Microsoft Authentication for Visual Studio Code

Notice: This extension is bundled with Visual Studio Code. It can be disabled but not uninstalled.

Features

This extension provides support for authenticating to Microsoft. It registers the microsoft Authentication Provider that can be leveraged by other extensions. This also provides the Microsoft authentication used by Settings Sync.

Additionally, it provides the microsoft-sovereign-cloud Authentication Provider that can be used to sign in to other Azure clouds like Azure for US Government or Azure China. Use the setting microsoft-sovereign-cloud.endpoint to select the authentication endpoint the provider should use. Please note that different scopes may also be required in different environments.