AzureAD
diff --git a/‎src/client/Microsoft.Identity.Client/ManagedIdentity/ImdsManagedIdentitySource.cs‎
Lines changed: 10 additions & 8 deletions b/‎src/client/Microsoft.Identity.Client/ManagedIdentity/ImdsManagedIdentitySource.cs‎
Lines changed: 10 additions & 8 deletions
diff --git a/‎src/client/Microsoft.Identity.Client/ManagedIdentity/ManagedIdentityClient.cs‎
Lines changed: 51 additions & 12 deletions b/‎src/client/Microsoft.Identity.Client/ManagedIdentity/ManagedIdentityClient.cs‎
Lines changed: 51 additions & 12 deletions
diff --git a/‎src/client/Microsoft.Identity.Client/ManagedIdentity/ManagedIdentitySourceResult.cs‎
Lines changed: 51 additions & 0 deletions b/‎src/client/Microsoft.Identity.Client/ManagedIdentity/ManagedIdentitySourceResult.cs‎
Lines changed: 51 additions & 0 deletions
diff --git a/‎src/client/Microsoft.Identity.Client/ManagedIdentityApplication.cs‎
Lines changed: 2 additions & 2 deletions b/‎src/client/Microsoft.Identity.Client/ManagedIdentityApplication.cs‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/client/Microsoft.Identity.Client/MsalError.cs‎
Lines changed: 5 additions & 0 deletions b/‎src/client/Microsoft.Identity.Client/MsalError.cs‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎src/client/Microsoft.Identity.Client/PublicApi/net462/PublicAPI.Unshipped.txt‎
Lines changed: 10 additions & 2 deletions b/‎src/client/Microsoft.Identity.Client/PublicApi/net462/PublicAPI.Unshipped.txt‎
Lines changed: 10 additions & 2 deletions
diff --git a/‎src/client/Microsoft.Identity.Client/PublicApi/net472/PublicAPI.Unshipped.txt‎
Lines changed: 10 additions & 2 deletions b/‎src/client/Microsoft.Identity.Client/PublicApi/net472/PublicAPI.Unshipped.txt‎
Lines changed: 10 additions & 2 deletions
@@ -241,7 +241,7 @@ public static string ImdsQueryParamsHelper(
             return queryParams;
         }
 
-        public static async Task<bool> ProbeImdsEndpointAsync(
+        public static async Task<(bool success, string failureReason)> ProbeImdsEndpointAsync(
             RequestContext requestContext,
             ImdsVersion imdsVersion,
             CancellationToken cancellationToken)
@@ -255,8 +255,8 @@ public static async Task<bool> ProbeImdsEndpointAsync(
             {
                 case ImdsVersion.V2:
 #if NET462
-                requestContext.Logger.Info("[Managed Identity] IMDSv2 flow is not supported on .NET Framework 4.6.2. Cryptographic operations required for managed identity authentication are unavailable on this platform. Skipping IMDSv2 probe.");
-                return false;
+                    requestContext.Logger.Info("[Managed Identity] IMDSv2 flow is not supported on .NET Framework 4.6.2. Cryptographic operations required for managed identity authentication are unavailable on this platform. Skipping IMDSv2 probe.");
+                    return (false, "IMDSv2 is not supported on .NET Framework 4.6.2");
 #else
                     apiVersionQueryParam = ImdsV2ManagedIdentitySource.ApiVersionQueryParam;
                     imdsApiVersion = ImdsV2ManagedIdentitySource.ImdsV2ApiVersion;
@@ -303,22 +303,24 @@ public static async Task<bool> ProbeImdsEndpointAsync(
                     retryPolicy: retryPolicy)
                 .ConfigureAwait(false);
             }
-            catch (Exception ex)
+            catch (Exception ex) when (ex is not OperationCanceledException)
             {
-                requestContext.Logger.Info($"[Managed Identity] {imdsStringHelper} probe endpoint failure. Exception occurred while sending request to probe endpoint: {ex}");
-                return false;
+                string failureMessage = $"{imdsStringHelper} probe failed. Exception: {ex.Message}";
+                requestContext.Logger.Info(() => $"[Managed Identity] {failureMessage}");
+                return (false, failureMessage);
             }
 
             // probe omits the "Metadata: true" header and then treats 400 Bad Request as success
             if (response.StatusCode == HttpStatusCode.BadRequest)
             {
                 requestContext.Logger.Info(() => $"[Managed Identity] {imdsStringHelper} managed identity is available.");
-                return true;
+                return (true, null);
             }
             else
             {
+                string failureMessage = $"{imdsStringHelper} probe failed. Status code: {response.StatusCode}, Body: {response.Body}";
                 requestContext.Logger.Info(() => $"[Managed Identity] {imdsStringHelper} managed identity is not available. Status code: {response.StatusCode}, Body: {response.Body}");
-                return false;
+                return (false, failureMessage);
             }
         }
     }
 
@@ -54,13 +54,15 @@ private async Task<AbstractManagedIdentity> GetOrSelectManagedIdentitySourceAsyn
             {
                 requestContext.Logger.Info($"[Managed Identity] Selecting managed identity source if not cached. Cached value is {s_sourceName} ");
 
+                ManagedIdentitySourceResult sourceResult = null;
                 ManagedIdentitySource source;
 
                 // If the source is not already set, determine it
                 if (s_sourceName == ManagedIdentitySource.None)
                 {
                     // First invocation: detect and cache
-                    source = await GetManagedIdentitySourceAsync(requestContext, isMtlsPopRequested, cancellationToken).ConfigureAwait(false);
+                    sourceResult = await GetManagedIdentitySourceAsync(requestContext, isMtlsPopRequested, cancellationToken).ConfigureAwait(false);
+                    source = sourceResult.Source;
                 }
                 else
                 {
@@ -96,14 +98,14 @@ private async Task<AbstractManagedIdentity> GetOrSelectManagedIdentitySourceAsyn
                     ManagedIdentitySource.AzureArc => AzureArcManagedIdentitySource.Create(requestContext),
                     ManagedIdentitySource.ImdsV2 => ImdsV2ManagedIdentitySource.Create(requestContext),
                     ManagedIdentitySource.Imds => ImdsManagedIdentitySource.Create(requestContext),
-                    _ => throw new MsalClientException(MsalError.ManagedIdentityAllSourcesUnavailable, MsalErrorMessage.ManagedIdentityAllSourcesUnavailable)
+                    _ => throw CreateManagedIdentityUnavailableException(sourceResult)
                 };
             }
         }
 
         // Detect managed identity source based on the availability of environment variables and csr metadata probe request.
         // This method is perf sensitive any changes should be benchmarked.
-        internal async Task<ManagedIdentitySource> GetManagedIdentitySourceAsync(
+        internal async Task<ManagedIdentitySourceResult> GetManagedIdentitySourceAsync(
             RequestContext requestContext,
             bool isMtlsPopRequested,
             CancellationToken cancellationToken)
@@ -113,36 +115,46 @@ internal async Task<ManagedIdentitySource> GetManagedIdentitySourceAsync(
             if (source != ManagedIdentitySource.None)
             {
                 s_sourceName = source;
-                return source;
+                return new ManagedIdentitySourceResult(source);
             }
 
+            string imdsV2FailureReason = null;
+            string imdsV1FailureReason = null;
+
             // skip the ImdsV2 probe if MtlsPop was NOT requested
             if (isMtlsPopRequested)
             {
-                var imdsV2Response = await ImdsManagedIdentitySource.ProbeImdsEndpointAsync(requestContext, ImdsVersion.V2, cancellationToken).ConfigureAwait(false);
-                if (imdsV2Response)
+                var (imdsV2Success, imdsV2Failure) = await ImdsManagedIdentitySource.ProbeImdsEndpointAsync(requestContext, ImdsVersion.V2, cancellationToken).ConfigureAwait(false);
+                if (imdsV2Success)
                 {
                     requestContext.Logger.Info("[Managed Identity] ImdsV2 detected.");
                     s_sourceName = ManagedIdentitySource.ImdsV2;
-                    return s_sourceName;
+                    return new ManagedIdentitySourceResult(s_sourceName);
                 }
+                imdsV2FailureReason = imdsV2Failure;
             }
             else
             {
                 requestContext.Logger.Info("[Managed Identity] Mtls Pop was not requested; skipping ImdsV2 probe.");
             }
 
-            var imdsV1Response = await ImdsManagedIdentitySource.ProbeImdsEndpointAsync(requestContext, ImdsVersion.V1, cancellationToken).ConfigureAwait(false);
-            if (imdsV1Response)
+            var (imdsV1Success, imdsV1Failure) = await ImdsManagedIdentitySource.ProbeImdsEndpointAsync(requestContext, ImdsVersion.V1, cancellationToken).ConfigureAwait(false);
+            if (imdsV1Success)
             {
                 requestContext.Logger.Info("[Managed Identity] ImdsV1 detected.");
                 s_sourceName = ManagedIdentitySource.Imds;
-                return s_sourceName;
+                return new ManagedIdentitySourceResult(s_sourceName);
             }
+            imdsV1FailureReason = imdsV1Failure;
 
             requestContext.Logger.Info($"[Managed Identity] {MsalErrorMessage.ManagedIdentityAllSourcesUnavailable}");
             s_sourceName = ManagedIdentitySource.None;
-            return s_sourceName;
+            
+            return new ManagedIdentitySourceResult(s_sourceName)
+            {
+                ImdsV1FailureReason = imdsV1FailureReason,
+                ImdsV2FailureReason = imdsV2FailureReason
+            };
         }
 
         /// <summary>
@@ -229,13 +241,40 @@ private static bool ValidateAzureArcEnvironment(string identityEndpoint, string
             return false;
         }
 
+        /// <summary>
+        /// Creates an MsalClientException for when no managed identity source is available,
+        /// including detailed failure information from IMDS probes if available.
+        /// </summary>
+        private static MsalClientException CreateManagedIdentityUnavailableException(ManagedIdentitySourceResult sourceResult)
+        {
+            string errorMessage = MsalErrorMessage.ManagedIdentityAllSourcesUnavailable;
+
+            if (sourceResult != null)
+            {
+                if (!string.IsNullOrEmpty(sourceResult.ImdsV1FailureReason) || !string.IsNullOrEmpty(sourceResult.ImdsV2FailureReason))
+                {
+                    errorMessage += " MSAL was not able to detect the Azure Instance Metadata Service (IMDS) that runs on VMs:";
+                    if (!string.IsNullOrEmpty(sourceResult.ImdsV2FailureReason))
+                    {
+                        errorMessage += $" IMDSv2: {sourceResult.ImdsV2FailureReason}.";
+                    }
+                    if (!string.IsNullOrEmpty(sourceResult.ImdsV1FailureReason))
+                    {
+                        errorMessage += $" IMDSv1: {sourceResult.ImdsV1FailureReason}.";
+                    }
+                }
+            }
+
+            return new MsalClientException(MsalError.ManagedIdentityAllSourcesUnavailable, errorMessage);
+        }
+
         /// <summary>
         /// Sets (or replaces) the in-memory binding certificate used to prime the mtls_pop scheme on subsequent requests.
         /// The certificate is intentionally NOT disposed here to avoid invalidating caller-held references (e.g., via AuthenticationResult).
         /// </summary>
         /// <remarks>
         /// Lifetime considerations:
-        /// - The binding certificate is ephemeral and valid for the token’s binding duration.
+        /// - The binding certificate is ephemeral and valid for the token's binding duration.
         /// - If rotation occurs, older certificates will be eligible for GC once no longer referenced.
         /// - Explicit disposal can be revisited if a deterministic rotation / shutdown strategy is introduced.
         /// </remarks>
 
@@ -0,0 +1,51 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+namespace Microsoft.Identity.Client.ManagedIdentity
+{
+    /// <summary>
+    /// Result of managed identity source detection, including the detected source and any failure information from IMDS probes.
+    /// </summary>
+    /// <remarks>
+    /// This class is returned by <see cref="ManagedIdentityApplication.GetManagedIdentitySourceAsync"/> to provide
+    /// detailed information about managed identity source detection, including failure reasons when IMDS probes fail.
+    /// This information is useful for credential chains like DefaultAzureCredential to determine whether to skip
+    /// managed identity authentication entirely.
+    /// </remarks>
+    public class ManagedIdentitySourceResult
+    {
+        /// <summary>
+        /// Gets the detected managed identity source.
+        /// </summary>
+        /// <value>
+        /// The <see cref="ManagedIdentitySource"/> that was detected on the environment.
+        /// Returns <see cref="ManagedIdentitySource.None"/> if no managed identity source was detected.
+        /// </value>
+        public ManagedIdentitySource Source { get; }
+
+        /// <summary>
+        /// Gets or sets the failure reason from the IMDSv1 probe, if it failed.
+        /// </summary>
+        /// <value>
+        /// A string describing why the IMDSv1 probe failed, or <c>null</c> if the probe succeeded or was not attempted.
+        /// </value>
+        public string ImdsV1FailureReason { get; set; }
+
+        /// <summary>
+        /// Gets or sets the failure reason from the IMDSv2 probe, if it failed.
+        /// </summary>
+        /// <value>
+        /// A string describing why the IMDSv2 probe failed, or <c>null</c> if the probe succeeded or was not attempted.
+        /// </value>
+        public string ImdsV2FailureReason { get; set; }
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="ManagedIdentitySourceResult"/> class.
+        /// </summary>
+        /// <param name="source">The detected managed identity source.</param>
+        public ManagedIdentitySourceResult(ManagedIdentitySource source)
+        {
+            Source = source;
+        }
+    }
+}
@@ -56,11 +56,11 @@ public AcquireTokenForManagedIdentityParameterBuilder AcquireTokenForManagedIden
         }
 
         /// <inheritdoc/>
-        public async Task<ManagedIdentitySource> GetManagedIdentitySourceAsync(CancellationToken cancellationToken)
+        public async Task<ManagedIdentitySourceResult> GetManagedIdentitySourceAsync(CancellationToken cancellationToken)
         {
             if (ManagedIdentityClient.s_sourceName != ManagedIdentitySource.None)
             {
-                return ManagedIdentityClient.s_sourceName;
+                return new ManagedIdentitySourceResult(ManagedIdentityClient.s_sourceName);
             }
 
             // Create a temporary RequestContext for the logger and the IMDS probe request.
 
@@ -1232,5 +1232,10 @@ public static class MsalError
         /// All managed identity sources are unavailable.
         /// </summary>
         public const string ManagedIdentityAllSourcesUnavailable = "managed_identity_all_sources_unavailable";
+
+        /// <summary>
+        /// Represents the error code returned when an IMDS operation fails.
+        /// </summary>
+        public const string ImdsServiceError = "imds_service_error";
     }
 }
@@ -1,8 +1,16 @@
-const Microsoft.Identity.Client.MsalError.ManagedIdentityAllSourcesUnavailable = "managed_identity_all_sources_unavailable" -> string
+const Microsoft.Identity.Client.MsalError.ImdsServiceError = "imds_service_error" -> string
+const Microsoft.Identity.Client.MsalError.ManagedIdentityAllSourcesUnavailable = "managed_identity_all_sources_unavailable" -> string
 Microsoft.Identity.Client.AuthScheme.IAuthenticationOperation2
 Microsoft.Identity.Client.AuthScheme.IAuthenticationOperation2.FormatResultAsync(Microsoft.Identity.Client.AuthenticationResult authenticationResult, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) -> System.Threading.Tasks.Task
 Microsoft.Identity.Client.AuthScheme.IAuthenticationOperation2.ValidateCachedTokenAsync(Microsoft.Identity.Client.AuthScheme.MsalCacheValidationData cachedTokenData) -> System.Threading.Tasks.Task<bool>
 Microsoft.Identity.Client.AuthScheme.MsalCacheValidationData
 Microsoft.Identity.Client.AuthScheme.MsalCacheValidationData.MsalCacheValidationData() -> void
 Microsoft.Identity.Client.AuthScheme.MsalCacheValidationData.PersistedCacheParameters.get -> System.Collections.Generic.IDictionary<string, string>
-Microsoft.Identity.Client.ManagedIdentityApplication.GetManagedIdentitySourceAsync(System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource>
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.ImdsV1FailureReason.get -> string
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.ImdsV1FailureReason.set -> void
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.ImdsV2FailureReason.get -> string
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.ImdsV2FailureReason.set -> void
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.ManagedIdentitySourceResult(Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource source) -> void
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.Source.get -> Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource
+Microsoft.Identity.Client.ManagedIdentityApplication.GetManagedIdentitySourceAsync(System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult>
@@ -1,8 +1,16 @@
-const Microsoft.Identity.Client.MsalError.ManagedIdentityAllSourcesUnavailable = "managed_identity_all_sources_unavailable" -> string
+const Microsoft.Identity.Client.MsalError.ImdsServiceError = "imds_service_error" -> string
+const Microsoft.Identity.Client.MsalError.ManagedIdentityAllSourcesUnavailable = "managed_identity_all_sources_unavailable" -> string
 Microsoft.Identity.Client.AuthScheme.IAuthenticationOperation2
 Microsoft.Identity.Client.AuthScheme.IAuthenticationOperation2.FormatResultAsync(Microsoft.Identity.Client.AuthenticationResult authenticationResult, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) -> System.Threading.Tasks.Task
 Microsoft.Identity.Client.AuthScheme.IAuthenticationOperation2.ValidateCachedTokenAsync(Microsoft.Identity.Client.AuthScheme.MsalCacheValidationData cachedTokenData) -> System.Threading.Tasks.Task<bool>
 Microsoft.Identity.Client.AuthScheme.MsalCacheValidationData
 Microsoft.Identity.Client.AuthScheme.MsalCacheValidationData.MsalCacheValidationData() -> void
 Microsoft.Identity.Client.AuthScheme.MsalCacheValidationData.PersistedCacheParameters.get -> System.Collections.Generic.IDictionary<string, string>
-Microsoft.Identity.Client.ManagedIdentityApplication.GetManagedIdentitySourceAsync(System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource>
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.ImdsV1FailureReason.get -> string
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.ImdsV1FailureReason.set -> void
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.ImdsV2FailureReason.get -> string
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.ImdsV2FailureReason.set -> void
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.ManagedIdentitySourceResult(Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource source) -> void
+Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult.Source.get -> Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource
+Microsoft.Identity.Client.ManagedIdentityApplication.GetManagedIdentitySourceAsync(System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySourceResult>
Original file line number	Diff line number	Diff line change
`@@ -241,7 +241,7 @@ public static string ImdsQueryParamsHelper(`
`241`	`241`	`return queryParams;`
`242`	`242`	`}`
`243`	`243`
`244`		`- public static async Task<bool> ProbeImdsEndpointAsync(`
	`244`	`+ public static async Task<(bool success, string failureReason)> ProbeImdsEndpointAsync(`
`245`	`245`	`RequestContext requestContext,`
`246`	`246`	`ImdsVersion imdsVersion,`
`247`	`247`	`CancellationToken cancellationToken)`
`@@ -255,8 +255,8 @@ public static async Task<bool> ProbeImdsEndpointAsync(`
`255`	`255`	`{`
`256`	`256`	`case ImdsVersion.V2:`
`257`	`257`	`#if NET462`
`258`		`- requestContext.Logger.Info("[Managed Identity] IMDSv2 flow is not supported on .NET Framework 4.6.2. Cryptographic operations required for managed identity authentication are unavailable on this platform. Skipping IMDSv2 probe.");`
`259`		`- return false;`
	`258`	`+ requestContext.Logger.Info("[Managed Identity] IMDSv2 flow is not supported on .NET Framework 4.6.2. Cryptographic operations required for managed identity authentication are unavailable on this platform. Skipping IMDSv2 probe.");`
	`259`	`+ return (false, "IMDSv2 is not supported on .NET Framework 4.6.2");`
`260`	`260`	`#else`
`261`	`261`	`apiVersionQueryParam = ImdsV2ManagedIdentitySource.ApiVersionQueryParam;`
`262`	`262`	`imdsApiVersion = ImdsV2ManagedIdentitySource.ImdsV2ApiVersion;`
`@@ -303,22 +303,24 @@ public static async Task<bool> ProbeImdsEndpointAsync(`
`303`	`303`	`retryPolicy: retryPolicy)`
`304`	`304`	`.ConfigureAwait(false);`
`305`	`305`	`}`
`306`		`- catch (Exception ex)`
	`306`	`+ catch (Exception ex) when (ex is not OperationCanceledException)`
`307`	`307`	`{`
`308`		`- requestContext.Logger.Info($"[Managed Identity] {imdsStringHelper} probe endpoint failure. Exception occurred while sending request to probe endpoint: {ex}");`
`309`		`- return false;`
	`308`	`+ string failureMessage = $"{imdsStringHelper} probe failed. Exception: {ex.Message}";`
	`309`	`+ requestContext.Logger.Info(() => $"[Managed Identity] {failureMessage}");`
	`310`	`+ return (false, failureMessage);`
`310`	`311`	`}`
`311`	`312`
`312`	`313`	`// probe omits the "Metadata: true" header and then treats 400 Bad Request as success`
`313`	`314`	`if (response.StatusCode == HttpStatusCode.BadRequest)`
`314`	`315`	`{`
`315`	`316`	`requestContext.Logger.Info(() => $"[Managed Identity] {imdsStringHelper} managed identity is available.");`
`316`		`- return true;`
	`317`	`+ return (true, null);`
`317`	`318`	`}`
`318`	`319`	`else`
`319`	`320`	`{`
	`321`	`+ string failureMessage = $"{imdsStringHelper} probe failed. Status code: {response.StatusCode}, Body: {response.Body}";`
`320`	`322`	`requestContext.Logger.Info(() => $"[Managed Identity] {imdsStringHelper} managed identity is not available. Status code: {response.StatusCode}, Body: {response.Body}");`
`321`		`- return false;`
	`323`	`+ return (false, failureMessage);`
`322`	`324`	`}`
`323`	`325`	`}`
`324`	`326`	`}`
Original file line number	Diff line number	Diff line change
`@@ -56,11 +56,11 @@ public AcquireTokenForManagedIdentityParameterBuilder AcquireTokenForManagedIden`
`56`	`56`	`}`
`57`	`57`
`58`	`58`	`/// <inheritdoc/>`
`59`		`- public async Task<ManagedIdentitySource> GetManagedIdentitySourceAsync(CancellationToken cancellationToken)`
	`59`	`+ public async Task<ManagedIdentitySourceResult> GetManagedIdentitySourceAsync(CancellationToken cancellationToken)`
`60`	`60`	`{`
`61`	`61`	`if (ManagedIdentityClient.s_sourceName != ManagedIdentitySource.None)`
`62`	`62`	`{`
`63`		`- return ManagedIdentityClient.s_sourceName;`
	`63`	`+ return new ManagedIdentitySourceResult(ManagedIdentityClient.s_sourceName);`
`64`	`64`	`}`
`65`	`65`
`66`	`66`	`// Create a temporary RequestContext for the logger and the IMDS probe request.`
Original file line number	Diff line number	Diff line change
`@@ -1232,5 +1232,10 @@ public static class MsalError`
`1232`	`1232`	`/// All managed identity sources are unavailable.`
`1233`	`1233`	`/// </summary>`
`1234`	`1234`	`public const string ManagedIdentityAllSourcesUnavailable = "managed_identity_all_sources_unavailable";`
	`1235`	`+`
	`1236`	`+ /// <summary>`
	`1237`	`+ /// Represents the error code returned when an IMDS operation fails.`
	`1238`	`+ /// </summary>`
	`1239`	`+ public const string ImdsServiceError = "imds_service_error";`
`1235`	`1240`	`}`
`1236`	`1241`	`}`