AzureAD · juliovi-1 · Jun 29, 2026 · Jun 29, 2026
@@ -4,6 +4,9 @@
 ### New Features
 - Exposed canonical OpenTelemetry tag names per metric via `MsalMetricsCatalog.CanonicalTagsByMetric` for discoverability and validation. [#6076](https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/pull/6076)
 
+### Changes
+- Managed identity error messages and request-failure logs now include the detected `ManagedIdentitySource` (e.g., `AppService`, `Imds`, `ServiceFabric`) so the host-issued `Managed Identity Correlation ID` can be traced to the correct host's telemetry. [#6095](https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/pull/6095)
+
 4.85.0
 ======
 

@@ -188,7 +188,7 @@ protected virtual Task<ManagedIdentityResponse> HandleResponseAsync(
 
             string message = GetMessageFromErrorResponse(response);
 
-            _requestContext.Logger.Error($"[Managed Identity] request failed, HttpStatusCode: {response.StatusCode} Error message: {message}");
+            _requestContext.Logger.Error($"[Managed Identity] request failed, Source: {_sourceType}, HttpStatusCode: {response.StatusCode} Error message: {message}");
 
             MsalException exception = MsalServiceExceptionFactory.CreateManagedIdentityException(
                 MsalError.ManagedIdentityRequestFailed,
@@ -281,7 +281,10 @@ private string ExtractErrorMessageFromManagedIdentityErrorResponse(ManagedIdenti
 
             if (!string.IsNullOrEmpty(managedIdentityErrorResponse.CorrelationId))
             {
-                stringBuilder.Append($"Managed Identity Correlation ID: {managedIdentityErrorResponse.CorrelationId} Use this Correlation ID for further investigation.");
+                stringBuilder.Append(
+                    $"Managed Identity Correlation ID: {managedIdentityErrorResponse.CorrelationId} " +
+                    $"(issued by the '{_sourceType}' managed identity source; search that source's telemetry with this correlation ID). " +
+                    $"Use this Correlation ID for further investigation.");
             }
 
             if (stringBuilder.Length == ManagedIdentityPrefix.Length)

@@ -559,8 +559,8 @@ await mi.AcquireTokenForManagedIdentity(resource)
         }
 
         [TestMethod]
-        [DataRow("{\"statusCode\":500,\"message\":\"Error message\",\"correlationId\":\"GUID\"}", new string[] { "Error message", "GUID" })]
-        [DataRow("{\"message\":\"Error message\",\"correlationId\":\"GUID\"}", new string[] { "Error message", "GUID" })]
+        [DataRow("{\"statusCode\":500,\"message\":\"Error message\",\"correlationId\":\"GUID\"}", new string[] { "Error message", "GUID", "AppService", "managed identity source" })]
+        [DataRow("{\"message\":\"Error message\",\"correlationId\":\"GUID\"}", new string[] { "Error message", "GUID", "AppService", "managed identity source" })]
         [DataRow("{\"error\":\"errorCode\",\"error_description\":\"Error message\"}", new string[] { "errorCode", "Error message" })]
         [DataRow("{\"error_description\":\"Error message\"}", new string[] { "Error message" })]
         [DataRow("{\"message\":\"Error message\"}", new string[] { "Error message" })]