Azure无效的AccessToken [英] Azure invalid AccessToken
问题描述
我正在尝试使用Microsoft.Azure.Management.Resources库来管理一些Azure资源.我已经在Azure AD中注册了应用程序,并给了所有许可.我使用了它的ApplicationId和Secret + TennantId和SubscriptionId,并尝试破坏AccessToken像这样:
i am trying to use Microsoft.Azure.Management.Resources library to manage some Azure resources. I have registered app in Azure AD and i gave it all permissons. I took its ApplicationId and Secret + TennantId and SubscriptionId and tried to obtaion AccessToken like this:
var clientCredential = new ClientCredential(_model.DeploymentDetails.CliendId, _model.DeploymentDetails.ClientSecret);
var context = new AuthenticationContext("https://login.windows.net/"+model.DeploymentDetails.TennantId);
_accessToken = context.AcquireTokenAsync("https://management.azure.com/", clientCredential).Result.AccessToken;
_resourceManagementClient = new ResourceManagementClient(new TokenCloudCredentials(_model.DeploymentDetails.SubscriptionId,_accessToken));
我得到一些AccessToken.但是当我尝试像这样使用它时:
I get some AccessToken. BUT when i try to use it like this:
var x = _resourceManagementClient.ResourceGroups.List(...);
我收到此错误:
其他信息:InvalidAuthenticationToken:收到的访问令牌无效:应当至少存在声明"puid"或"altsecid"或"oid"之一.如果要作为应用程序访问,请确保在租户中正确创建了服务主体.
Additional information: InvalidAuthenticationToken: The received access token is not valid: at least one of the claims 'puid' or 'altsecid' or 'oid' should be present. If you are accessing as application please make sure service principal is properly created in the tenant.
有什么想法吗?
非常感谢您.
推荐答案
据我所知,Microsoft.Azure.Management.Resources.dll实现了ARM API.我们需要将应用程序分配给角色,之后,我们可以共同使用令牌.有关如何将应用程序分配给角色的更多信息,请参考
As far as I know, Microsoft.Azure.Management.Resources.dll that implements the ARM API. We need to assign application to role, after that then we can use token in common. More information about how to assign application to role please refer to the article .This blog also has more detail steps to get AceessToken.
这篇关于Azure无效的AccessToken的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!