Bicep has a great feature, which meanwhile also leads to warnings during execution if you don’t pay attention to it: the avoidance of static values like URLs in Bicep files. A corresponding warning looks like this:
Warning no-hardcoded-env-urls: Environment URLs should not be hardcoded. Use the environment() function to ensure compatibility across clouds. Found this disallowed host: “login.microsoftonline.com” [https://aka.ms/bicep/linter/no-hardcoded-env-urls]
Bicep has an environment() function for this purpose.
Instead of
1var loginEndpointUri = 'https://login.microsoftonline.com/'
you should write
1var loginEndpointUri = environment().authentication.loginEndpoint
This in itself affects quite a few static values. A short overview:
1{
2 "name": "AzureCloud",
3 "gallery": "https://gallery.azure.com/",
4 "graph": "https://graph.windows.net/",
5 "portal": "https://portal.azure.com",
6 "graphAudience": "https://graph.windows.net/",
7 "activeDirectoryDataLake": "https://datalake.azure.net/",
8 "batch": "https://batch.core.windows.net/",
9 "media": "https://rest.media.azure.net",
10 "sqlManagement": "https://management.core.windows.net:8443/",
11 "vmImageAliasDoc": "https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/arm-compute/quickstart-templates/aliases.json",
12 "resourceManager": "https://management.azure.com/",
13 "authentication": {
14 "loginEndpoint": "https://login.windows.net/",
15 "audiences": [
16 "https://management.core.windows.net/",
17 "https://management.azure.com/"
18 ],
19 "tenant": "common",
20 "identityProvider": "AAD"
21 },
22 "suffixes": {
23 "acrLoginServer": ".azurecr.io",
24 "azureDatalakeAnalyticsCatalogAndJob": "azuredatalakeanalytics.net",
25 "azureDatalakeStoreFileSystem": "azuredatalakestore.net",
26 "azureFrontDoorEndpointSuffix": "azurefd.net",
27 "keyvaultDns": ".vault.azure.net",
28 "sqlServerHostname": ".database.windows.net",
29 "storage": "core.windows.net"
30 }
31}
Deployment functions for Bicep
Docs: Avoid hardcoded URLs
Related articles
Feb 26, 2026 · 6 min read
Run Azure Cosmos DB locally with .NET Aspire and make emulator endpoints visible in the dashboard
When building cloud-native .NET applications, two goals often matter at the same time: a fast local development loop and a clean path to …
Sep 24, 2025 · 9 min read
Automatically discover tools for Azure OpenAI Realtime API
Azure now provides a unified Realtime API for low‑latency, multimodal conversations over WebRTC or WebSockets. If you’ve used the earlier …
Sep 01, 2025 · 3 min read
Azure Document Intelligence – Fix: ContentSourceNotAccessible (Invalid data URL)
Problem Training custom models (for example, delivery notes) in Azure Document Intelligence initially worked fine. Suddenly, both training …
Author
BEN ABT
Ben is a Principal Software Engineer at Medialesson.de, with a strong focus on .NET and Microsoft Azure. In his professional role, he designs and builds highly scalable platforms for hybrid and cloud-based scenarios. He also advises companies and C-levels on migrating to the sovereign cloud.
He runs myCSharp.de, the largest and most active German-speaking C# community forum, actively contributes to both his own and external open-source projects and regularly shares his knowledge through his blog, at community events, conferences and as a writer for technical magazines.
Let's Work Together
Looking for an experienced Platform Architect or Engineer for your next project? Whether it's cloud migration, platform modernization or building new solutions from scratch - I'm here to help you succeed.
Comments