Add AsyncContextualTokenResolver for agentic user ID support in token resolution#255
Merged
Merged
Conversation
… resolution Introduce a non-breaking AsyncContextualTokenResolver delegate and supporting types that allow the agentic user ID to be passed alongside agent and tenant IDs during token resolution for the Agent365 exporter. - Add AgentIdentity class with AgentId and optional AgenticUserId - Add TokenResolverContext with Identity and TenantId - Add AsyncContextualTokenResolver delegate on Agent365ExporterOptions - Update Agent365ExporterCore to prefer ContextualTokenResolver when set - Relax exporter constructors to accept either resolver - Add ApplyGuardrailOperationName to exported operation names set - Add 14 unit tests covering new types, constructor validation, and resolver precedence Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.Scanned FilesNone |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds contextual token resolution for the Agent365 trace exporter so token resolvers can receive tenant, agent, and optional agentic user identity while preserving the legacy resolver path.
Changes:
- Added
AgentIdentity,TokenResolverContext, andAsyncContextualTokenResolver. - Updated exporter core and constructors to prefer contextual token resolution when configured.
- Added contextual resolver tests and included
apply_guardrailin genAI operation partitioning.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
src/Observability/Runtime/Tracing/Exporters/AgentIdentity.cs |
Adds exporter-facing agent identity model with optional agentic user ID. |
src/Observability/Runtime/Tracing/Exporters/TokenResolverContext.cs |
Adds token resolver context containing identity and tenant ID. |
src/Observability/Runtime/Tracing/Exporters/Agent365ExporterOptions.cs |
Adds contextual resolver delegate and option. |
src/Observability/Runtime/Tracing/Exporters/Agent365ExporterCore.cs |
Prefers contextual resolver and recognizes apply-guardrail spans. |
src/Observability/Runtime/Tracing/Exporters/Agent365Exporter.cs |
Allows either legacy or contextual resolver in sync exporter. |
src/Observability/Runtime/Tracing/Exporters/Agent365ExporterAsync.cs |
Allows either legacy or contextual resolver in async exporter. |
src/Tests/Microsoft.Agents.A365.Observability.Runtime.Tests/Tracing/Exporters/ContextualTokenResolverTests.cs |
Adds tests for new types, validation, precedence, and failure cases. |
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
gwharris7
approved these changes
Jun 1, 2026
juliomenendez
approved these changes
Jun 3, 2026
sellakumaran
approved these changes
Jun 3, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Introduces a non-breaking \AsyncContextualTokenResolver\ delegate and supporting types that allow the agentic user ID (AUID) to be passed alongside agent and tenant IDs during token resolution for the Agent365 exporter.
Ported from microsoft/opentelemetry-distro-dotnet#101.
Changes
Non-breaking
Existing code using \TokenResolver\ continues to work unchanged. \ContextualTokenResolver\ is opt-in and takes precedence only when explicitly set.
Testing