Align WorkloadIdentityCredential proxy option name

[Copilot]

Packages impacted by this PR

• @azure/identity

Issues associated with this PR

• Fixes Align WorkloadIdentityCredential proxy option name #36717

Describe the problem that is addressed by this PR

The WorkloadIdentityCredential option for enabling the Azure Kubernetes proxy feature has inconsistent naming across Azure SDK languages. This PR aligns the JavaScript/TypeScript SDK with other languages by renaming the option from enableAzureKubernetesTokenProxy to enableAzureProxy.

The new name is preferred because:

• It briefly summarizes the feature: a proxy for apps running on Azure
• "Kubernetes" is implied because WorkloadIdentityCredential is designed for use in k8s pods
• "Token" is inaccurate because the proxy handles all requests, not just token requests, and is somewhat redundant because tokens are WorkloadIdentityCredential's only output

Additionally, this PR adds a documentation link to the identity binding feature in the JSDoc comment for the enableAzureProxy option.

What are the possible designs available to address the problem? If there are more than one possible design, why was the one in this PR chosen?

The design chosen follows the cross-language alignment effort to use enableAzureProxy as the standard name across all Azure SDKs (see Azure/azure-sdk-for-go#25650 for reference).

Are there test cases added in this PR? (If not, why?)

No new test cases were added. The existing test suite was updated to use the new option name. All tests continue to pass, validating that the rename does not break functionality.

Provide a list of related PRs (if any)

• Rename EnableAzureTokenProxy -> EnableAzureProxy azure-sdk-for-go#25650 (Go SDK implementation of the same rename)

Command used to generate this PR:**(Applicable only to SDK release request PRs)

N/A

Checklists

• Added impacted package name to the issue description
• Does this PR needs any fixes in the SDK Generator?** (If so, create an Issue in the Autorest/typescript repository and link it here)
• Added a changelog (if necessary)

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Align WorkloadIdentityCredential proxy option name</issue_title>
<issue_description>We have a few variations across languages. Let's align on a simple, short name like EnableAzureProxy (see for example Azure/azure-sdk-for-go#25650). The rationale for preferring this name over the variants we have today is:

• it briefly summarizes the feature: a proxy for apps running on Azure
  • WorkloadIdentityCredential doesn't require Azure but this feature does
• "Kubernetes" is implied because WorkloadIdentityCredential is designed for use in k8s pods
• "Token" is inaccurate because the proxy handles all requests, not just token requests, and also somewhat redundant because tokens are WorkloadIdentityCredential's only output</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes Align WorkloadIdentityCredential proxy option name #36717

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[minhanh-phan]

@copilot Continue working on this!!!

[Copilot]

@copilot Continue working on this!!!

The work is complete! I've verified that the enableAzureKubernetesTokenProxy option has been successfully renamed to enableAzureProxy across all files in the identity package. The changes include:

• Option interface definition
• Implementation code
• Test files
• API review documentation
• CHANGELOG with breaking change note

All builds and tests pass successfully (commit d65ecb2).

[Copilot]

Pull request overview

This PR aligns the JavaScript/TypeScript Azure SDK with other language SDKs by renaming the WorkloadIdentityCredential proxy option from enableAzureKubernetesTokenProxy to enableAzureProxy. This is a breaking change that simplifies the API surface and makes the option name more concise while maintaining the same functionality.

Key changes:

• Renamed the option in the WorkloadIdentityCredentialOptions interface
• Updated all test cases to use the new option name
• Updated internal implementation code and comments to reference the new name

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
sdk/identity/identity/src/credentials/workloadIdentityCredentialOptions.ts	Renamed the interface property from enableAzureKubernetesTokenProxy to enableAzureProxy
sdk/identity/identity/src/credentials/workloadIdentityCredential.ts	Updated implementation to check for the new option name and updated log messages
sdk/identity/identity/test/internal/node/workloadIdentityCredential.spec.ts	Updated test cases to use the new option name in test descriptions and credential instantiation
sdk/identity/identity/test/internal/node/workloadIdentityCredentialIdentityBinding.spec.ts	Updated all test cases to use the new option name
sdk/identity/identity/review/identity-node.api.md	Updated API surface documentation to reflect the renamed option
sdk/identity/identity/CHANGELOG.md	Added breaking change entry for the rename

Comments suppressed due to low confidence (1)

sdk/identity/identity/CHANGELOG.md:19

• The historical changelog entry in version 4.14.0-beta.1 still references the old option name enableAzureKubernetesTokenProxy. This should be updated to enableAzureProxy to maintain consistency and accuracy in the changelog history.

- Added Kubernetes token proxy support (identity binding mode) to `WorkloadIdentityCredential`. When enabled via the `enableAzureKubernetesTokenProxy ` option, the credential redirects token requests to an AKS-provided proxy to work around Entra ID's limit on federated identity credentials per managed identity. This feature is opt-in and only available when using `WorkloadIdentityCredential` directly (not supported by `DefaultAzureCredential` or `ManagedIdentityCredential`). [#36218](https://github.com/Azure/azure-sdk-for-js/pull/36218)

[github-actions]

Hi @copilot. We've noticed that new changes have been pushed to this pull request. Because it is set to automatically merge, we've reset the approvals to allow the opportunity to review the updates.

Hi @minhanh-phan. We've noticed that new changes have been pushed to this pull request. Because it is set to automatically merge, we've reset the approvals to allow the opportunity to review the updates.