Update dependency Azure.Identity to 1.21.0

[dependencyupdates]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
Azure.Identity (source)	1.17.1 → 1.21.0

---

Release Notes

Azure/azure-sdk-for-net (Azure.Identity)

v1.21.0

Compare Source

1.21.0 (2026-04-10)

Other Changes

• All Azure.Identity types have been moved to Azure.Core and are now available through TypeForwardedTo attributes. This is a non-breaking change — existing code continues to work transparently. The library's version number now aligns with that of Azure.Core. See the Migration Guide for details.

v1.20.0

Compare Source

1.20.0 (2026-03-30)

Features Added

• Added a JSON schema segment to the NuGet package that provides IntelliSense and validation for Azure.Identity credential configuration in appsettings.json.

Breaking Changes

• AddAzureClient, AddKeyedAzureClient, and WithAzureCredential return type changed from IHostApplicationBuilder to IClientBuilder to align with the IClientBuilder composition change in System.ClientModel.

v1.19.0

Compare Source

1.19.0 (2026-03-11)

Features Added

• Added support in ClientCertificateCredential to specify a path in the form of cert:/StoreLocation/StoreName/Thumbprint to refer to a certificate in the platform certificate store - such as the Windows Certificate Store on Windows, and the KeyChain on MacOS - instead of a file on disk. For example to load a certificate from the "My" store in the "CurrentUser" location use the path cert:/CurrentUser/My/E661583E8FABEF4C0BEF694CBC41C28FB81CD870 (A community contribution, courtesy of fowl2).

Other Changes

• Updated Microsoft.Identity.Client and Microsoft.Identity.Client.Extensions.Msal dependencies to version 4.83.1.

v1.18.0

Compare Source

1.18.0 (2026-02-25)

Features Added

• Added experimental Microsoft.Extensions.Configuration and Microsoft.Extensions.DependencyInjection integration for Azure SDK clients. For details, see the Configuration and Dependency Injection documentation.

• The WorkloadIdentityCredentialOptions.IsAzureProxyEnabled property, which enables Azure Kubernetes token proxy mode, is only available in beta releases of this package.

• AzureDeveloperCliCredential now parses JSON error output from azd auth token to extract clean error messages instead of including raw JSON in exceptions. Error messages like {"type":"consoleMessage","data":{"message":"ERROR: fetching token: ..."}} are now displayed as ERROR: fetching token: ....

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

Commands to ignore dependencies

You can trigger dependency actions by commenting on this PR:

• @particularbot ignore this major version
• @particularbot ignore this minor version
• @particularbot ignore this dependency