From 31a2088aac1cb572a4f8af2ca95696f8d3918e04 Mon Sep 17 00:00:00 2001
From: MikelRev <115667520+MikelRev@users.noreply.github.com>
Date: Thu, 17 Apr 2025 11:54:52 -0400
Subject: [PATCH] Updated sqlserver auth to utilize default scope. (#3698)

Co-authored-by: Yaron Schneider <schneider.yaron@live.com>
---
 common/authentication/sqlserver/metadata.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/authentication/sqlserver/metadata.go b/common/authentication/sqlserver/metadata.go
index 003fbdba7..a3896deae 100644
--- a/common/authentication/sqlserver/metadata.go
+++ b/common/authentication/sqlserver/metadata.go
@@ -96,7 +96,7 @@ func (m *SQLServerAuthMetadata) GetConnector(setDatabase bool) (*mssql.Connector
 		conn, err := mssql.NewSecurityTokenConnector(config, func(ctx context.Context) (string, error) {
 			at, err := tokenCred.GetToken(ctx, policy.TokenRequestOptions{
 				Scopes: []string{
-					m.azureEnv.Cloud.Services[azure.ServiceAzureSQL].Audience,
+					m.azureEnv.Cloud.Services[azure.ServiceAzureSQL].Audience + "/.default",
 				},
 			})
 			if err != nil {