Workload identity federation using Entra-issued tokens

Workload identity federation (WIF) enables deployment from Azure Pipelines to Azure without using secrets. The current implementation of WIF relies on an ID token issued by Azure DevOps, which is then exchanged for an Entra-issued access token. In the new revision, the ID token is also issued by Entra instead of Azure DevOps. This change will enhance security by leveraging all the mechanisms available in Entra to protect the ID tokens. This feature has rolled out, all newly created service connections use Entra-issued ID tokens.