Is @azure/identity safe to use?

@azure/identity has 1 known vulnerabilities on the latest version (4.13.1). DepScope rates its health at 90/100 (low risk).

What is the latest version of @azure/identity?

The latest version of @azure/identity is 4.13.1, released 2026-03-20.

Does @azure/identity have known vulnerabilities?

Yes. @azure/identity has 1 known vulnerabilities. See depscope.dev/pkg/npm/@azure/identity for details.

Is @azure/identity deprecated?

No, @azure/identity is actively maintained. Latest release: 4.13.1 (2026-03-20).

What are alternatives to @azure/identity?

Popular alternatives to @azure/identity in npm include: semver, debug, ansi-styles, minimatch, brace-expansion.

What license does @azure/identity use?

@azure/identity is licensed under MIT.

@azure/identity

npmv4.13.1

Provides credential implementations for Azure SDK libraries that can authenticate with Microsoft Entra ID

License MITpermissive804 versions3 maintainers11 deps9,941,209 weekly dl

Azure/azure-sdk-for-js

/ 100

Health

safe to use

@azure/[email protected] is safe to use (health: 90/100)

Update to >= 4.61.3 to fix known vulnerabilities

Health breakdown0 – 100

25/25

maintenance

17/20

popularity

23/25

security

15/15

maturity

10/15

community

Vulnerabilities

1 medium

Advisories (1)

Severity	ID	Summary	Fixed in
medium	CVE-2024-35255	Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability	4.61.3

Bundle & TypeScript

🌟

TypeScript

10/10typed

bundled

Quality signals

Download trend

stable(0%)

Publish security

npm signed

Health History

Dependency Tree

License Audit

Dependencies (11)

open tslib @azure/logger @azure/core-auth @azure/core-util @azure/msal-node @azure/core-client @azure/core-tracing @azure/msal-browser @azure/abort-controller @azure/core-rest-pipeline

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/@azure/identity