Support OIDC / workload identity federation (secretless auth) for Workfront Fusion Azure DevOps integrations

Idea summary:
Workfront Fusion should support non-client-secret authentication patterns for Azure DevOps integrations using Microsoft Entra ID, specifically OIDC-based federated authentication / workload identity federation.

Problem:
Today, the Fusion Azure DevOps Entra authentication flow depends on client secrets. In our environment, client-secret authentication is no longer permitted under enterprise security policy. Because of that, we cannot use the current Fusion connection method in a compliant way.

Requested capability:
Add support for secretless authentication so Fusion can obtain tokens from Microsoft Entra ID without relying on client secrets.

Why this matters:
- Our current integration path is blocked by security policy
- This has been a long-running blocker for our Fusion to Azure DevOps use case
- It affects business operations and slows our ability to expand Workfront usage
- We need either native support for this auth pattern or a clearly supported alternative

Desired outcome:
Support OIDC-based workload identity federation / federated credentials for Microsoft Entra ID in Fusion integrations where client-secret authentication is not allowed.

Additional context:
This request is tied to enterprise security requirements and is not just a convenience enhancement. A supported secretless authentication model is required for compliant implementation in our environment.