• docker

1. Locate the name of your service principal
2. Execute the following statements in the database for which you wish to grant access:
   • This can also be done via the "Query editor" in the Azure Portal for the database in question

   CREATE USER "<SERVICE_PRINCIPAL_NAME>" FROM EXTERNAL PROVIDER;
   EXEC sp_addrolemember '<role_name>', '<SERVICE_PRINCIPAL_NAME>';

   • To list existing roles, execute the following statement:

   sp_helprole;

Known working example:

CREATE USER "<SERVICE_PRINCIPAL_NAME>" FROM EXTERNAL PROVIDER;
EXEC sp_addrolemember 'db_datareader', '<SERVICE_PRINCIPAL_NAME>';

# Copy the template file
$ cp docker-template.env .env
# Edit the file, add the required variables
$ vim .env

$ docker build -t dbc .
$ docker run --rm -it --env-file .env dbc

• MS Docs: sing Azure Active Directory with the ODBC Driver - Authenticating with an Access Token
• StackOverflow: Token-based authentication support for Azure SQL DB using Azure AD auth
• Medium: Connect to a SQL Database from Python using access token
• Query SQL Database from Python using pyodbc and access token