regression test fix

[Sruuujaaan]

Related command

Description

Testing Guide

History Notes

[Component Name 1] BREAKING CHANGE: az command a: Make some customer-facing breaking change
[Component Name 2] az command b: Add some customer-facing feature

---

This checklist is used to make sure that common guidelines for a pull request are followed.

• The PR title and description has followed the guideline in Submitting Pull Requests.

• I adhere to the Command Guidelines.

• I adhere to the Error Handling Guidelines.

[azure-client-tools-bot-prd]

Validation for Azure CLI Full Test Starting...

Thanks for your contribution!

[azure-client-tools-bot-prd]

Validation for Breaking Change Starting...

Thanks for your contribution!

[Copilot]

Pull Request Overview

This PR adds a default value for the --audiences parameter in both the create and update commands for federated credentials, restoring expected behavior in regression tests.

• Set default=["api://AzureADTokenExchange"] for --audiences in both commands.
• Aligns create and update CLIs to ensure consistent defaulting.

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File	Description
_update.py	Added default audiences value to update command schema
_create.py	Added default audiences value to create command schema

Comments suppressed due to low confidence (4)

src/azure-cli/azure/cli/command_modules/identity/aaz/latest/identity/federated_credential/_create.py:90

• The help message does not mention the default value. Consider updating it to indicate that if not specified, api://AzureADTokenExchange will be used.

help="The aud value in the token sent to Azure for getting the user-assigned managed identity token. The value configured in the federated credential and the one in the incoming token must exactly match for Azure to issue the access token.",

src/azure-cli/azure/cli/command_modules/identity/aaz/latest/identity/federated_credential/_create.py:91

• There are no existing tests validating that the default audience value is applied when the flag is omitted. Adding a test would prevent future regressions.

default=["api://AzureADTokenExchange"],

src/azure-cli/azure/cli/command_modules/identity/aaz/latest/identity/federated_credential/_update.py:92

• The help text should note the default audience value (api://AzureADTokenExchange) for clarity when users omit the flag.

help="The aud value in the token sent to Azure for getting the user-assigned managed identity token. The value configured in the federated credential and the one in the incoming token must exactly match for Azure to issue the access token.",

src/azure-cli/azure/cli/command_modules/identity/aaz/latest/identity/federated_credential/_update.py:93

• Add or update tests to verify that the default audience is applied correctly when --audiences is not provided to prevent regression.

default=["api://AzureADTokenExchange"],

[Copilot]

The default audience string is duplicated in two places. Consider extracting it into a shared constant (e.g., DEFAULT_AUDIENCES) to avoid magic literals and simplify future updates.

Suggested change

	default=["api://AzureADTokenExchange"],
	default=DEFAULT_AUDIENCES,

[Copilot]

The default audience string is duplicated in two files. Consider extracting it into a shared constant to reduce duplication and ease maintenance.

Suggested change

	default=["api://AzureADTokenExchange"],
	default=[DEFAULT_AUDIENCE],

[yonzhan]

regression test fix