Integrate Azure SQL Database with Service Connector

In this article, we cover the supported authentication methods and clients that you can use to connect your apps to Azure SQL Database using Service Connector. For each supported method, we provide sample code and describe the default environment variable names, values, and configuration obtained when creating a service connection.

Supported compute services

Service Connector can be used to connect the following compute services to Azure SQL Database:

Azure App Service
Azure Container Apps
Azure Functions
Azure Kubernetes Service (AKS)
Azure Spring Apps

Supported authentication types and clients

The following table shows which combinations of authentication methods and clients are supported for connecting your compute service to Azure SQL Database using Service Connector. A Yes indicates that the combination is supported, while a No indicates that it isn't supported.

Client type	System-assigned managed identity	User-assigned managed identity	Secret/connection string	Service principal
.NET	Yes	Yes	Yes	Yes
Go	No	No	Yes	No
Java	Yes	Yes	Yes	Yes
Java - Spring Boot	Yes	Yes	Yes	Yes
Node.js	Yes	Yes	Yes	Yes
PHP	No	No	Yes	No
Python	Yes	Yes	Yes	Yes
Python - Django	No	No	Yes	No
Ruby	No	No	Yes	No
None	Yes	Yes	Yes	Yes

Note

System-assigned managed identity, user-assigned managed identity and service principal authentication is only supported on Azure CLI.

Default environment variable names or application properties and sample code

Use the following connection details to connect compute services to Azure SQL Database. For each example, replace the placeholder texts <sql-server>, <sql-database>, <sql-username>, and <sql-password> with your own server name, database name, user ID, and password. For more information about naming conventions, check the Service Connector internals article.

System-assigned managed identity

Default environment variable name	Description	Sample value
`AZURE_SQL_CONNECTIONSTRING`	Azure SQL Database connection string	`Data Source=<sql-server>.database.windows.net,1433;Initial Catalog=<sql-database>;Authentication=ActiveDirectoryManagedIdentity`

Default environment variable name	Description	Sample value
`AZURE_SQL_CONNECTIONSTRING`	Azure SQL Database connection string	`jdbc:sqlserver://<sql-server>.database.windows.net:1433;databaseName=<sql-database>;authentication=ActiveDirectoryMSI;`

Default environment variable name	Description	Sample value
`spring.datasource.url`	Azure SQL Database datasource URL	`jdbc:sqlserver://<sql-server>.database.windows.net:1433;databaseName=<sql-db>;authentication=ActiveDirectoryMSI;`

Default environment variable name	Description	Sample value
`AZURE_SQL_SERVER`	Azure SQL Database server	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_AUTHENTICATION`	Azure SQL authentication	`ActiveDirectoryMsi`

Default environment variable name	Description	Sample value
`AZURE_SQL_SERVER`	Azure SQL Database server	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_AUTHENTICATIONTYPE`	Azure SQL Database authentication type	`azure-active-directory-default`

Default environment variable name	Description	Sample value
`AZURE_SQL_HOST`	Azure SQL Database server	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_AUTHENTICATION`	Azure SQL Database authentication type	`azure-active-directory-default`

Sample code

To connect to Azure SQL Database using a system-assigned managed identity, refer to the following steps and sample code.

Install dependencies.

dotnet add package Microsoft.Data.SqlClient

Get the Azure SQL Database connection string from the environment variable added by Service Connector.

using Microsoft.Data.SqlClient;

string connectionString = 
    Environment.GetEnvironmentVariable("AZURE_SQL_CONNECTIONSTRING")!;

using var connection = new SqlConnection(connectionString);
connection.Open();

For more information, see Using Active Directory Managed Identity authentication.

Add the following dependencies in your pom.xml file:

<dependency>
    <groupId>com.microsoft.sqlserver</groupId>
    <artifactId>mssql-jdbc</artifactId>
    <version>10.2.0.jre11</version>
</dependency>
<dependency>
    <groupId>com.azure</groupId>
    <artifactId>azure-identity</artifactId>
    <version>1.7.0</version>
</dependency>

Get the Azure SQL Database connection string from the environment variable added by Service Connector.

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement;

import com.microsoft.sqlserver.jdbc.SQLServerDataSource;

public class Main {
    public static void main(String[] args) {
        // AZURE_SQL_CONNECTIONSTRING should be one of the following:
        // For system-assigned managed identity: "jdbc:sqlserver://{SQLName}.database.windows.net:1433;databaseName={SQLDbName};authentication=ActiveDirectoryMSI;"
        // For user-assigned managed identity: "jdbc:sqlserver://{SQLName}.database.windows.net:1433;databaseName={SQLDbName};msiClientId={UserAssignedMiClientId};authentication=ActiveDirectoryMSI;"
        // For service principal: "jdbc:sqlserver://{SQLName}.database.windows.net:1433;databaseName={SQLDbName};user={ServicePrincipalClientId};password={spSecret};authentication=ActiveDirectoryServicePrincipal;"
        String connectionString = System.getenv("AZURE_SQL_CONNECTIONSTRING");
        SQLServerDataSource ds = new SQLServerDataSource();
        ds.setURL(connectionString);
        try (Connection connection = ds.getConnection()) {
            System.out.println("Connected successfully.");
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}

For more information, see Connect to Azure databases from App Service without secrets using a managed identity.

For a Spring application, if you create a connection with option --client-type springboot, Service Connector sets the properties spring.datasource.url with value format jdbc:sqlserver://<sql-server>.database.windows.net:1433;databaseName=<sql-db>;authentication=ActiveDirectoryMSI; to Azure Spring Apps.

Update your application following the tutorial Migrate a Java application to use passwordless connections with Azure SQL Database. Remember to remove the spring.datasource.password configuration property if it was set before and add the correct dependencies.

Install dependencies.

python -m pip install mssql-python python-dotenv

Get the Azure SQL Database connection configurations from the environment variable added by Service Connector. When using the code below, uncomment the part of the code snippet for the authentication type you want to use.

import os
from mssql_python import connect

server = os.getenv('AZURE_SQL_SERVER')
port = os.getenv('AZURE_SQL_PORT')
database = os.getenv('AZURE_SQL_DATABASE')

# Uncomment the following lines corresponding to the authentication type you want to use.
# For system-assigned managed identity.
# connection_string = f'Server={server},{port};Database={database};Authentication=ActiveDirectoryMSI;Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30'

# For user-assigned managed identity.
# client_id = os.getenv('AZURE_SQL_USER')
# connection_string = f'Server={server},{port};Database={database};UID={client_id};Authentication=ActiveDirectoryMSI;Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30'

# For service principal.
# user = os.getenv('AZURE_SQL_USER')
# password = os.getenv('AZURE_SQL_PASSWORD')
# connection_string = f'Server={server},{port};Database={database};UID={user};PWD={password};Authentication=ActiveDirectoryServicePrincipal;Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30'

conn = connect(connection_string)

Install dependencies.
```
npm install mssql
```

Get the Azure SQL Database connection configurations from the environment variables added by Service Connector. When using the code below, uncomment the part of the code snippet for the authentication type you want to use.

import sql from 'mssql';

const server = process.env.AZURE_SQL_SERVER;
const database = process.env.AZURE_SQL_DATABASE;
const port = parseInt(process.env.AZURE_SQL_PORT);
const authenticationType = process.env.AZURE_SQL_AUTHENTICATIONTYPE;

// Uncomment the following lines corresponding to the authentication type you want to use.
// For system-assigned managed identity.
// const config = {
//     server,
//     port,
//     database,
//     authentication: {
//         type: authenticationType
//     },
//     options: {
//        encrypt: true
//     }
// };  

// For user-assigned managed identity.
// const clientId = process.env.AZURE_SQL_CLIENTID;
// const config = {
//     server,
//     port,
//     database,
//     authentication: {
//         type: authenticationType
//     },
//     options: {
//         encrypt: true,
//         clientId: clientId
//     }
// };  

// For service principal.
// const clientId = process.env.AZURE_SQL_CLIENTID;
// const clientSecret = process.env.AZURE_SQL_CLIENTSECRET;
// const tenantId = process.env.AZURE_SQL_TENANTID;
// const config = {
//     server,
//     port,
//     database,
//     authentication: {
//         type: authenticationType
//     },
//     options: {
//         encrypt: true,
//         clientId: clientId,
//         clientSecret: clientSecret,
//         tenantId: tenantId
//     }
// };  

this.poolconnection = await sql.connect(config);

For more information, see Homepage for client programming to Microsoft SQL Server.

User-assigned managed identity

Default environment variable name	Description	Sample value
`AZURE_SQL_CONNECTIONSTRING`	Azure SQL Database connection string	`Data Source=<sql-server>.database.windows.net,1433;Initial Catalog=<sql-database>;User ID=<identity-client-ID>;Authentication=ActiveDirectoryManagedIdentity`

Default environment variable name	Description	Sample value
`AZURE_SQL_CONNECTIONSTRING`	Azure SQL Database connection string	`jdbc:sqlserver://<sql-server>.database.windows.net:1433;databaseName=<sql-database>;msiClientId=<msiClientId>;authentication=ActiveDirectoryMSI;`

Default environment variable name	Description	Sample value
`spring.datasource.url`	Azure SQL Database datasource URL	`jdbc:sqlserver://<sql-server>.database.windows.net:1433;databaseName=<sql-db>;msiClientId=<msiClientId>;authentication=ActiveDirectoryMSI;`

Default environment variable name	Description	Sample value
`AZURE_SQL_SERVER`	Azure SQL Database server	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_USER`	Azure SQL Database user	`Object (principal) ID`
`AZURE_SQL_AUTHENTICATION`	Azure SQL authentication	`ActiveDirectoryMsi`

Default environment variable name	Description	Sample value
`AZURE_SQL_SERVER`	Azure SQL Database server	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_AUTHENTICATIONTYPE`	Azure SQL Database authentication type	`azure-active-directory-default`
`AZURE_SQL_CLIENTID`	Azure SQL Database client ID	`<identity-client-ID>`

Default environment variable name	Description	Sample value
`AZURE_SQL_HOST`	Azure SQL Database server	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_AUTHENTICATION`	Azure SQL Database authentication type	`azure-active-directory-default`
`AZURE_SQL_USERNAME`	Azure SQL Database client ID	`<your Client ID>`

Sample code

To connect to Azure SQL Database using a user-assigned managed identity, refer to the following steps and sample code.

Install dependencies.

dotnet add package Microsoft.Data.SqlClient

Get the Azure SQL Database connection string from the environment variable added by Service Connector.

using Microsoft.Data.SqlClient;

string connectionString = 
    Environment.GetEnvironmentVariable("AZURE_SQL_CONNECTIONSTRING")!;

using var connection = new SqlConnection(connectionString);
connection.Open();

For more information, see Using Active Directory Managed Identity authentication.

Add the following dependencies in your pom.xml file:

<dependency>
    <groupId>com.microsoft.sqlserver</groupId>
    <artifactId>mssql-jdbc</artifactId>
    <version>10.2.0.jre11</version>
</dependency>
<dependency>
    <groupId>com.azure</groupId>
    <artifactId>azure-identity</artifactId>
    <version>1.7.0</version>
</dependency>

Get the Azure SQL Database connection string from the environment variable added by Service Connector.

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement;

import com.microsoft.sqlserver.jdbc.SQLServerDataSource;

public class Main {
    public static void main(String[] args) {
        // AZURE_SQL_CONNECTIONSTRING should be one of the following:
        // For system-assigned managed identity: "jdbc:sqlserver://{SQLName}.database.windows.net:1433;databaseName={SQLDbName};authentication=ActiveDirectoryMSI;"
        // For user-assigned managed identity: "jdbc:sqlserver://{SQLName}.database.windows.net:1433;databaseName={SQLDbName};msiClientId={UserAssignedMiClientId};authentication=ActiveDirectoryMSI;"
        // For service principal: "jdbc:sqlserver://{SQLName}.database.windows.net:1433;databaseName={SQLDbName};user={ServicePrincipalClientId};password={spSecret};authentication=ActiveDirectoryServicePrincipal;"
        String connectionString = System.getenv("AZURE_SQL_CONNECTIONSTRING");
        SQLServerDataSource ds = new SQLServerDataSource();
        ds.setURL(connectionString);
        try (Connection connection = ds.getConnection()) {
            System.out.println("Connected successfully.");
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}

For more information, see Connect to Azure databases from App Service without secrets using a managed identity.

Install dependencies.

python -m pip install mssql-python python-dotenv

import os
from mssql_python import connect

server = os.getenv('AZURE_SQL_SERVER')
port = os.getenv('AZURE_SQL_PORT')
database = os.getenv('AZURE_SQL_DATABASE')

# Uncomment the following lines corresponding to the authentication type you want to use.
# For system-assigned managed identity.
# connection_string = f'Server={server},{port};Database={database};Authentication=ActiveDirectoryMSI;Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30'

# For user-assigned managed identity.
# client_id = os.getenv('AZURE_SQL_USER')
# connection_string = f'Server={server},{port};Database={database};UID={client_id};Authentication=ActiveDirectoryMSI;Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30'

# For service principal.
# user = os.getenv('AZURE_SQL_USER')
# password = os.getenv('AZURE_SQL_PASSWORD')
# connection_string = f'Server={server},{port};Database={database};UID={user};PWD={password};Authentication=ActiveDirectoryServicePrincipal;Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30'

conn = connect(connection_string)

Install dependencies.
```
npm install mssql
```

import sql from 'mssql';

const server = process.env.AZURE_SQL_SERVER;
const database = process.env.AZURE_SQL_DATABASE;
const port = parseInt(process.env.AZURE_SQL_PORT);
const authenticationType = process.env.AZURE_SQL_AUTHENTICATIONTYPE;

// Uncomment the following lines corresponding to the authentication type you want to use.
// For system-assigned managed identity.
// const config = {
//     server,
//     port,
//     database,
//     authentication: {
//         type: authenticationType
//     },
//     options: {
//        encrypt: true
//     }
// };  

// For user-assigned managed identity.
// const clientId = process.env.AZURE_SQL_CLIENTID;
// const config = {
//     server,
//     port,
//     database,
//     authentication: {
//         type: authenticationType
//     },
//     options: {
//         encrypt: true,
//         clientId: clientId
//     }
// };  

// For service principal.
// const clientId = process.env.AZURE_SQL_CLIENTID;
// const clientSecret = process.env.AZURE_SQL_CLIENTSECRET;
// const tenantId = process.env.AZURE_SQL_TENANTID;
// const config = {
//     server,
//     port,
//     database,
//     authentication: {
//         type: authenticationType
//     },
//     options: {
//         encrypt: true,
//         clientId: clientId,
//         clientSecret: clientSecret,
//         tenantId: tenantId
//     }
// };  

this.poolconnection = await sql.connect(config);

For more information, see Homepage for client programming to Microsoft SQL Server.

Connection string

Warning

Microsoft recommends that you use the most secure authentication flow available. The authentication flow described in this procedure requires a high degree of trust in the application, and carries risks that aren't present in other flows. You should only use this flow when other more secure flows, such as managed identities, aren't viable.

Default environment variable name	Description	Sample value
`AZURE_SQL_CONNECTIONSTRING`	Azure SQL Database connection string	`Data Source=<sql-server>.database.windows.net,1433;Initial Catalog=<sql-database>;Password=<sql-password>`

Default environment variable name	Description	Sample value
`AZURE_SQL_CONNECTIONSTRING`	Azure SQL Database connection string	`jdbc:sqlserver://<sql-server>.database.windows.net:1433;databaseName=<sql-database>;user=<sql-username>;password=<sql-password>;`

Default environment variable name	Description	Sample value
`spring.datasource.url`	Azure SQL Database datasource URL	`jdbc:sqlserver://<sql-server>.database.windows.net:1433;databaseName=<sql-db>;`
`spring.datasource.username`	Azure SQL Database datasource username	`<sql-user>`
`spring.datasource.password`	Azure SQL Database datasource password	`<sql-password>`

Default environment variable name	Description	Sample value
`AZURE_SQL_SERVER`	Azure SQL Database server	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_USER`	Azure SQL Database user	`<sql-username>`
`AZURE_SQL_PASSWORD`	Azure SQL Database password	`<sql-password>`

Default environment variable name	Description	Sample value
`AZURE_SQL_HOST`	Azure SQL Database host	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_NAME`	Azure SQL Database name	`<sql-database>`
`AZURE_SQL_USER`	Azure SQL Database user	`<sql-username>`
`AZURE_SQL_PASSWORD`	Azure SQL Database password	`<sql-password>`

Default environment variable name	Description	Sample value
`AZURE_SQL_CONNECTIONSTRING`	Azure SQL Database connection string	`server=<sql-server>.database.windows.net;port=1433;database=<sql-database>;user id=<sql-username>;password=<sql-password>;`

Default environment variable name	Description	Sample value
`AZURE_SQL_SERVER`	Azure SQL Database server	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_USERNAME`	Azure SQL Database username	`<sql-username>`
`AZURE_SQL_PASSWORD`	Azure SQL Database password	`<sql-password>`

Default environment variable name	Description	Sample value
`AZURE_SQL_SERVERNAME`	Azure SQL Database servername	`<sql-server>.database.windows.net,1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_UID`	Azure SQL Database unique identifier (UID)	`<sql-username>`
`AZURE_SQL_PASSWORD`	Azure SQL Database password	`<sql-password>`

Default environment variable name	Description	Sample value
`AZURE_SQL_HOST`	Azure SQL Database host	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_USERNAME`	Azure SQL Database username	`<sql-username>`
`AZURE_SQL_PASSWORD`	Azure SQL Database password	`<sql-password>`

Default environment variable name	Description	Sample value
`AZURE_SQL_HOST`	Azure SQL Database host	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_USERNAME`	Azure SQL Database username	`<sql-username>`
`AZURE_SQL_PASSWORD`	Azure SQL Database password	`<sql-password>`

Sample code

To connect to Azure SQL Database using a connection string, refer to the following steps and sample code.

Install dependencies.

dotnet add package Microsoft.Data.SqlClient

Get the Azure SQL Database connection string from the environment variable added by Service Connector.

using Microsoft.Data.SqlClient;

string connectionString = 
    Environment.GetEnvironmentVariable("AZURE_SQL_CONNECTIONSTRING")!;

using var connection = new SqlConnection(connectionString);
connection.Open();

Add the following dependencies in your pom.xml file:

<dependency>
    <groupId>com.microsoft.sqlserver</groupId>
    <artifactId>mssql-jdbc</artifactId>
    <version>10.2.0.jre11</version>
</dependency>

Get the Azure SQL Database connection string from the environment variable added by Service Connector.

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement;

import com.microsoft.sqlserver.jdbc.SQLServerDataSource;

public class Main {
    public static void main(String[] args) {
        String connectionString = System.getenv("AZURE_SQL_CONNECTIONSTRING");
        SQLServerDataSource ds = new SQLServerDataSource();
        ds.setURL(connectionString);
        try (Connection connection = ds.getConnection()) {
            System.out.println("Connected successfully.");
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}

Add dependency in your 'pom.xml' file:

<dependencyManagement>
  <dependencies>
    <dependency>
      <groupId>com.azure.spring</groupId>
      <artifactId>spring-cloud-azure-dependencies</artifactId>
      <version>5.20.0</version>
      <type>pom</type>
      <scope>import</scope>
    </dependency>
  </dependencies>
</dependencyManagement>

Set up the Spring application. The connection configurations are added to Spring Apps by Service Connector.

Install dependencies.

python -m pip install mssql-python python-dotenv

Get the Azure SQL Database connection configurations from the environment variable added by Service Connector.

import os
from mssql_python import connect

server = os.getenv('AZURE_SQL_SERVER')
port = os.getenv('AZURE_SQL_PORT')
database = os.getenv('AZURE_SQL_DATABASE')
user = os.getenv('AZURE_SQL_USER')
password = os.getenv('AZURE_SQL_PASSWORD')

connection_string = f'Server={server},{port};Database={database};UID={user};PWD={password};Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30'

conn = connect(connection_string)

Install dependencies.

pip install django
pip install mssql-django pyodbc

In the setting file, get the Azure SQL Database connection configurations from the environment variable added by Service Connector.

# in your setting file, eg. settings.py

server = os.getenv('AZURE_SQL_HOST')
port = os.getenv('AZURE_SQL_PORT')
database = os.getenv('AZURE_SQL_NAME')
user = os.getenv('AZURE_SQL_USER')
password = os.getenv('AZURE_SQL_PASSWORD')

DATABASES = {
    'default': {
        'ENGINE': 'mssql',
        'NAME': database,
        'USER': user,
        'PASSWORD': password,
        'HOST': server,
        'PORT': port,
        'OPTIONS': {
            'driver': 'ODBC Driver 18 for SQL Server',
        },
    },
}

Install dependency.

go install github.com/microsoft/go-mssqldb@latest

Get the Azure SQL Database connection string from the environment variable added by Service Connector.

import (
	"context"
	"database/sql"
	"fmt"
	"log"

    "github.com/microsoft/go-mssqldb/azuread"
)
connectionString := os.Getenv("AZURE_SQL_CONNECTIONSTRING")

db, err = sql.Open(azuread.DriverName, connString)
if err != nil {
    log.Fatal("Error creating connection pool: " + err.Error())
}
log.Printf("Connected!\n")

Install dependencies.
```
npm install mssql
```

Get the Azure SQL Database connection configurations from the environment variables added by Service Connector.

import sql from 'mssql';

const server = process.env.AZURE_SQL_SERVER;
const database = process.env.AZURE_SQL_DATABASE;
const port = parseInt(process.env.AZURE_SQL_PORT);
const username = process.env.AZURE_SQL_USERNAME;
const password = process.env.AZURE_SQL_PASSWORD;

const config = {
    server,
    port,
    database,
    user,
    password,
    options: {
       encrypt: true
    }
};  

this.poolconnection = await sql.connect(config);

Download the Microsoft Drivers for PHP for SQL Server. For more information, check Getting Started with the Microsoft Drivers for PHP for SQL Server.

Get the Azure SQL Database connection configurations from the environment variables added by Service Connector.

<?php
$server = getenv("AZURE_SQL_SERVERNAME");
$database = getenv("AZURE_SQL_DATABASE");
$user = getenv("AZURE_SQL_UID");
$password = getenv("AZURE_SQL_PASSWORD");

$connectionOptions = array(
    "Database" => database,
    "Uid" => user,
    "PWD" => password
);

$conn = sqlsrv_connect($serverName, $connectionOptions);
?>

Download Ruby Driver for SQL Server. For more information, check Configure development environment for Ruby development.

Get the Azure SQL Database connection configurations from the environment variables added by Service Connector.

client = TinyTds::Client.new username: ENV['AZURE_SQL_USERNAME'], password: ENV['AZURE_SQL_PASSWORD'],  
host: ENV['AZURE_SQL_HOST'], port: ENV['AZURE_SQL_PORT'],  
database: ENV['AZURE_SQL_DATABASE'], azure:true

For more information, see Homepage for client programming to Microsoft SQL Server.

Service principal

Default environment variable name	Description	Example value
`AZURE_SQL_CLIENTID`	Your client ID	`<client-ID>`
`AZURE_SQL_CLIENTSECRET`	Your client secret	`<client-secret>`
`AZURE_SQL_TENANTID`	Your tenant ID	`<tenant-ID>`
`AZURE_SQL_CONNECTIONSTRING`	Azure SQL Database connection string	`Data Source=<sql-server>.database.windows.net,1433;Initial Catalog=<sql-database>;User ID=<client-Id>;Password=<client-secret>;Authentication=ActiveDirectoryServicePrincipal`

Default environment variable name	Description	Sample value
`AZURE_SQL_CONNECTIONSTRING`	Azure SQL Database connection string	`jdbc:sqlserver://<sql-server>.database.windows.net:1433;databaseName=<sql-database>;user=<client-Id>;password=<client-secret>;authentication=ActiveDirectoryServicePrincipal;`

Default environment variable name	Description	Sample value
`spring.datasource.url`	Azure SQL Database datasource URL	`jdbc:sqlserver://<sql-server>.database.windows.net:1433;databaseName=<sql-db>;authentication=ActiveDirectoryServicePrincipal;`
`spring.datasource.username`	Azure SQL Database datasource username	`<client-Id>`
`spring.datasource.password`	Azure SQL Database datasource password	`<client-Secret>`

Default environment variable name	Description	Sample value
`AZURE_SQL_SERVER`	Azure SQL Database server	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_USER`	Azure SQL Database user	`your Client Id`
`AZURE_SQL_AUTHENTICATION`	Azure SQL authentication	`ActiveDirectoryServerPrincipal`
`AZURE_SQL_PASSWORD`	Azure SQL Database password	`your Client Secret`

Default environment variable name	Description	Sample value
`AZURE_SQL_SERVER`	Azure SQL Database server	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_AUTHENTICATIONTYPE`	Azure SQL Database authentication type	`azure-active-directory-default`
`AZURE_SQL_CLIENTID`	Azure SQL Database client ID	`<your Client ID>`
`AZURE_SQL_CLIENTSECRET`	Azure SQL Database client Secret	`<your Client Secret >`
`AZURE_SQL_TENANTID`	Azure SQL Database Tenant ID	`<your Tenant ID>`

Default environment variable name	Description	Sample value
`AZURE_SQL_HOST`	Azure SQL Database server	`<sql-server>.database.windows.net`
`AZURE_SQL_PORT`	Azure SQL Database port	`1433`
`AZURE_SQL_DATABASE`	Azure SQL Database database	`<sql-database>`
`AZURE_SQL_AUTHENTICATION`	Azure SQL Database authentication type	`azure-active-directory-default`
`AZURE_SQL_USERNAME`	Azure SQL Database client ID	`<your Client ID>`
`AZURE_SQL_PASSWORD`	Azure SQL Database client Secret	`<your Client Secret >`

Sample code

To connect to Azure SQL Database using a service principal, refer to the following steps and sample code.

Install dependencies.

dotnet add package Microsoft.Data.SqlClient

Get the Azure SQL Database connection string from the environment variable added by Service Connector.

using Microsoft.Data.SqlClient;

string connectionString = 
    Environment.GetEnvironmentVariable("AZURE_SQL_CONNECTIONSTRING")!;

using var connection = new SqlConnection(connectionString);
connection.Open();

For more information, see Using Active Directory Managed Identity authentication.

Add the following dependencies in your pom.xml file:

<dependency>
    <groupId>com.microsoft.sqlserver</groupId>
    <artifactId>mssql-jdbc</artifactId>
    <version>10.2.0.jre11</version>
</dependency>
<dependency>
    <groupId>com.azure</groupId>
    <artifactId>azure-identity</artifactId>
    <version>1.7.0</version>
</dependency>

Get the Azure SQL Database connection string from the environment variable added by Service Connector.

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement;

import com.microsoft.sqlserver.jdbc.SQLServerDataSource;

public class Main {
    public static void main(String[] args) {
        // AZURE_SQL_CONNECTIONSTRING should be one of the following:
        // For system-assigned managed identity: "jdbc:sqlserver://{SQLName}.database.windows.net:1433;databaseName={SQLDbName};authentication=ActiveDirectoryMSI;"
        // For user-assigned managed identity: "jdbc:sqlserver://{SQLName}.database.windows.net:1433;databaseName={SQLDbName};msiClientId={UserAssignedMiClientId};authentication=ActiveDirectoryMSI;"
        // For service principal: "jdbc:sqlserver://{SQLName}.database.windows.net:1433;databaseName={SQLDbName};user={ServicePrincipalClientId};password={spSecret};authentication=ActiveDirectoryServicePrincipal;"
        String connectionString = System.getenv("AZURE_SQL_CONNECTIONSTRING");
        SQLServerDataSource ds = new SQLServerDataSource();
        ds.setURL(connectionString);
        try (Connection connection = ds.getConnection()) {
            System.out.println("Connected successfully.");
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}

For more information, see Connect to Azure databases from App Service without secrets using a managed identity.

Install dependencies.

python -m pip install mssql-python python-dotenv

import os
from mssql_python import connect

server = os.getenv('AZURE_SQL_SERVER')
port = os.getenv('AZURE_SQL_PORT')
database = os.getenv('AZURE_SQL_DATABASE')

# Uncomment the following lines corresponding to the authentication type you want to use.
# For system-assigned managed identity.
# connection_string = f'Server={server},{port};Database={database};Authentication=ActiveDirectoryMSI;Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30'

# For user-assigned managed identity.
# client_id = os.getenv('AZURE_SQL_USER')
# connection_string = f'Server={server},{port};Database={database};UID={client_id};Authentication=ActiveDirectoryMSI;Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30'

# For service principal.
# user = os.getenv('AZURE_SQL_USER')
# password = os.getenv('AZURE_SQL_PASSWORD')
# connection_string = f'Server={server},{port};Database={database};UID={user};PWD={password};Authentication=ActiveDirectoryServicePrincipal;Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30'

conn = connect(connection_string)

Install dependencies.
```
npm install mssql
```

import sql from 'mssql';

const server = process.env.AZURE_SQL_SERVER;
const database = process.env.AZURE_SQL_DATABASE;
const port = parseInt(process.env.AZURE_SQL_PORT);
const authenticationType = process.env.AZURE_SQL_AUTHENTICATIONTYPE;

// Uncomment the following lines corresponding to the authentication type you want to use.
// For system-assigned managed identity.
// const config = {
//     server,
//     port,
//     database,
//     authentication: {
//         type: authenticationType
//     },
//     options: {
//        encrypt: true
//     }
// };  

// For user-assigned managed identity.
// const clientId = process.env.AZURE_SQL_CLIENTID;
// const config = {
//     server,
//     port,
//     database,
//     authentication: {
//         type: authenticationType
//     },
//     options: {
//         encrypt: true,
//         clientId: clientId
//     }
// };  

// For service principal.
// const clientId = process.env.AZURE_SQL_CLIENTID;
// const clientSecret = process.env.AZURE_SQL_CLIENTSECRET;
// const tenantId = process.env.AZURE_SQL_TENANTID;
// const config = {
//     server,
//     port,
//     database,
//     authentication: {
//         type: authenticationType
//     },
//     options: {
//         encrypt: true,
//         clientId: clientId,
//         clientSecret: clientSecret,
//         tenantId: tenantId
//     }
// };  

this.poolconnection = await sql.connect(config);

For more information, see Homepage for client programming to Microsoft SQL Server.

Next steps

To learn more about Service Connector, see the following tutorial.

Learn about Service Connector concepts

Feedback

Was this page helpful?

Last updated on 2026-02-18

Share via

Integrate Azure SQL Database with Service Connector

Supported compute services

Supported authentication types and clients

Default environment variable names or application properties and sample code

System-assigned managed identity

Sample code

User-assigned managed identity

Sample code

Connection string

Sample code

Service principal

Sample code

Next steps

Feedback

Additional resources