Hi team,
We’ve run into a limitation around SQL Server authentication that currently blocks us from using the CLI for contract validation in one of our key source systems.
If you have any suggestions on a working solution for the below use case, that would also be greatly appreciated!
Use case
We have a SQL Server–backed source system where:
- The database is only accessible via Azure AD / Entra ID authentication (no SQL logins allowed).
- We are successfully ingesting data from this source using
dlt, which supports Azure AD–based auth.
- We would now like to validate this data using
datacontract-cli against the same source, but we cannot, because the CLI only supports:
- SQL auth (
DATACONTRACT_SQLSERVER_USERNAME / DATACONTRACT_SQLSERVER_PASSWORD), and
- Windows integrated auth via
DATACONTRACT_SQLSERVER_TRUSTED_CONNECTION.
Since the database does not allow the creation of SQL users and we cannot use Windows integrated auth in this environment, we currently have no way to point datacontract-cli at this source system for validation.
Requested feature
Add support for Azure AD / Entra ID authentication modes for SQL Server, specifically ActiveDirectoryPassword (and potentially related Entra ID modes if feasible), so that:
- We can authenticate using an Entra ID principal and password (or possibly client credentials / device code in the future).
- The CLI can connect to the same SQL Server sources we already use with tools like
dlt and other Entra-aware connectors.
Concretely, something along these lines would already unblock us:
- New environment variables (example naming, open to your design):
DATACONTRACT_SQLSERVER_AUTHENTICATION=ActiveDirectoryPasswordDATACONTRACT_SQLSERVER_AD_USERNAMEDATACONTRACT_SQLSERVER_AD_PASSWORD
- Or a more generic mechanism to pass through
Authentication=Active Directory Password (or equivalent) into the underlying connection string/driver.
Hi team,
We’ve run into a limitation around SQL Server authentication that currently blocks us from using the CLI for contract validation in one of our key source systems.
If you have any suggestions on a working solution for the below use case, that would also be greatly appreciated!
Use case
We have a SQL Server–backed source system where:
dlt, which supports Azure AD–based auth.datacontract-cliagainst the same source, but we cannot, because the CLI only supports:DATACONTRACT_SQLSERVER_USERNAME/DATACONTRACT_SQLSERVER_PASSWORD), andDATACONTRACT_SQLSERVER_TRUSTED_CONNECTION.Since the database does not allow the creation of SQL users and we cannot use Windows integrated auth in this environment, we currently have no way to point
datacontract-cliat this source system for validation.Requested feature
Add support for Azure AD / Entra ID authentication modes for SQL Server, specifically
ActiveDirectoryPassword(and potentially related Entra ID modes if feasible), so that:dltand other Entra-aware connectors.Concretely, something along these lines would already unblock us:
DATACONTRACT_SQLSERVER_AUTHENTICATION=ActiveDirectoryPasswordDATACONTRACT_SQLSERVER_AD_USERNAMEDATACONTRACT_SQLSERVER_AD_PASSWORDAuthentication=Active Directory Password(or equivalent) into the underlying connection string/driver.