HTTP AD身份验证 [英] HTTP AD Authentication
问题描述
我正在尝试进行简单的身份验证,以获取用于从Visual Basic .NET控制台应用程序查询密钥保管库密钥的令牌,这是我到目前为止返回401错误长度所需的
I am trying to do a simple authentication to get a token to use in querying a key vault secret from a visual basic .NET console application, here is what I have so far which returns a 401 Error Length Required
URL中有多行可读性:
Multiple lines in URL for readability:
URL =" https://login.microsoftonline.com/< tenate guid> / oauth2 /令牌?
URL = "https://login.microsoftonline.com/<tenate guid>/oauth2/token?
client_id =< AD中已注册应用的指南>
client_id=<guid of registerd app in AD>
& resource =< url encoded> https://< myvault> .vault.azure.net:433 /
&resource=<url encoded>https://<myvault>.vault.azure.net:433/
& client_secret =< mySecret>
&client_secret=<mySecret>
request = System,Net.WebRequest.Create(URL)
request = System,Net.WebRequest.Create(URL)
request.Method =" POST"
request.Method = "POST"
response = request.GetResponce
response = request.GetResponce
我不想使用异步电话
Lee
推荐答案
如果您尝试使用应用程序标识获取令牌,那么您需要使用客户端凭据流。 然而,&NBSP;我没有看到您在代码中传递 & grant_type = client_credentials 作为
参数。请参阅服务使用客户端凭据(共享密钥或证书)来支付呼叫服务
以了解流量。 您是否还可以确保在传递client_secret时传递的是"客户端密钥"。您在申请注册期间创建的。
If you are trying to get the token using application identity then you need to use the client credentials flow. However, I do not see you are passing &grant_type=client_credentials as a parameter in your code. Please refer to Service to service calls using client credentials (shared secret or certificate) to understand the flow. Can you also make sure that when you are passing client_secret you are passing the "client secret" which you have created during the application registration.
这篇关于HTTP AD身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!