Choosing Authentication

What this page is for

This page explains the two review authentication paths and why the rest of the flow changes depending on which one you choose.

When to use it

Read this when:

• you are not sure whether to save a connection or paste a token
• you want to understand why token mode skips the subscriptions step
• you are trying to decide which path should become the normal workflow for a customer

How the two options work

Stored Azure connection

Use this when you want a reusable path for future reviews.

It is the better option when:

• the customer will be reviewed more than once
• more than one person may need to run reviews later
• you want Hygiara to discover subscriptions from a saved connection

Access token

Use this when you want a one-off run without storing reusable access.

It is the better option when:

• the review is temporary or exploratory
• someone is willing to provide a management-plane token but not a stored credential
• you want the fastest route to a first successful run

What changes in the UI

With a stored connection:

• you choose a saved Azure connection
• Hygiara loads the visible subscriptions
• you get a subscriptions step

With an access token:

• you paste the token
• Hygiara validates it against Azure before continuing
• all accessible subscriptions are included automatically
• there is no subscriptions step

What to expect

Stored credential is the default option in the review modal because it is the cleaner repeat workflow. If the selected customer has no saved connections, that option is disabled and the UI points you toward the paths that can actually work.

Common mistakes

• assuming token mode is just a shorter version of stored-credential mode
• saving a reusable connection for a customer that only needs a one-off review
• choosing token mode and then looking for manual scope selection

Next step

• Azure connections
• Access tokens
• Create a review